PhpCMS XSS Network Vulnerability

Summary

The remote host runs phpCMS, a content management system written in PHP. This version is vulnerable to cross-site scripting due to a lack of sanitization of user-supplied data in parser.php script. Successful exploitation of this issue may allow an attacker to execute malicious script code on a vulnerable server.

Solution

Upgrade to version 1.2.1pl1 or newer

Severity

Classification

CVE CVE-2004-1202

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

aeNovo Database Content Disclosure Vulnerability
Adobe ColdFusion Multiple Vulnerabilities-03 May-2014
Apache Tomcat Directory Listing and File disclosure
Apache Struts2 'XWork' Information Disclosure Vulnerability
Apache Tomcat NIO Connector Denial of Service Vulnerability

phpCMS XSS

Take action and discover your vulnerabilities