CVE-2010-2675 Information

Description

Cross-site scripting (XSS) vulnerability in index.php in TSOKA:CMS 1.1 1.9 and 2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter in an articolo action.

Reference

http://packetstormsecurity.org/1003-exploits/tsokacms-sqlxss.txt http://www.exploit-db.com/exploits/11923