CVE-2008-6982 Information

Description

Cross-site scripting (XSS) vulnerability in index.php in devalcms 1.4a allows remote attackers to inject arbitrary web script or HTML via the currentpath parameter.

Reference

http://osvdb.org/47971 http://sourceforge.net/projects/devalcms/files/devalcms/devalcms-1.4b/devalcms-1.4b.zip/download http://www.securityfocus.com/bid/31037 https://exchange.xforce.ibmcloud.com/vulnerabilities/44940 https://www.exploit-db.com/exploits/6369