CVE-2005-2488 Information

Description

Cross-site scripting (XSS) vulnerability in Web Content Management News System allows remote attackers to inject arbitrary web script or HTML via (1) the strRootpath parameter to validsession.php or (2) the strTable parameter to Admin/News/List.php.

Reference

http://secunia.com/advisories/16317 http://securitytracker.com/id?1014616 http://www.rgod.altervista.org/webc.html http://www.securityfocus.com/bid/14464 https://exchange.xforce.ibmcloud.com/vulnerabilities/21689