CVE-2008-6589 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in LightNEasy \no database\ (aka flat) version 1.2.2 and possibly SQLite version 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the page parameter to (1) index.php and (2) LightNEasy.php.

Reference

http://secunia.com/advisories/29833 http://www.osvdb.org/44676 http://www.osvdb.org/44677 http://www.securityfocus.com/archive/1/491064/100/0/threaded http://www.securityfocus.com/bid/28839 https://exchange.xforce.ibmcloud.com/vulnerabilities/41888