VULHUB ™

The PHP-Nuke 'mainfile.php' script does not sufficiently sanitize data supplied via URI parameters, making it prone to cross-site attacks. This could allow for execution of hostile HTML and script code in the web client of a victim user to steal cookie-based authentication credentials.

The PHP-Nuke 'mainfile.php' script does not sufficiently sanitize data supplied via URI parameters, making it prone to cross-site attacks. This could allow for execution of hostile HTML and script code in the web client of a victim user to steal cookie-based authentication credentials.