VULHUB ™

It has been reported that the GBook module for PHP-Nuke may be prone to a HTML injection vulnerability that may allow a remote attacker to carry out HTML injection attacks in order to steal sensitive data such as authentication credentials. Due to insufficient sanitization of user-supplied data, various parameters passed to the GBook module are vulnerable to HTML injection. Some of the affected parameters include 'name', 'email', 'city', and 'message'. Gbook script for PHP-Nuke version 1.0 has been tested for this issue, however, it is likely that other versions of PHP-Nuke are vulnerable as well.

It has been reported that the GBook module for PHP-Nuke may be prone to a HTML injection vulnerability that may allow a remote attacker to carry out HTML injection attacks in order to steal sensitive data such as authentication credentials. Due to insufficient sanitization of user-supplied data, various parameters passed to the GBook module are vulnerable to HTML injection. Some of the affected parameters include 'name', 'email', 'city', and 'message'. Gbook script for PHP-Nuke version 1.0 has been tested for this issue, however, it is likely that other versions of PHP-Nuke are vulnerable as well.