Cross-site scripting (XSS) vulnerability in report.php in Mr. CGI Guy Hot Links SQL-PHP 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter.
References
Configurations
History
No history.
Information
Published : 2008-10-01 15:38
Updated : 2024-02-28 11:21
NVD link : CVE-2008-4379
Mitre link : CVE-2008-4379
CVE.ORG link : CVE-2008-4379
JSON object : View
Products Affected
mr._cgi_guy
- hot_links_sql_php
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')