Phpx: Security Vulnerabilities
Cross-site scripting vulnerability (XSS) in PHPX 3.2.3 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into (1) keywords argument of main.inc.php, (2) body argument of help.inc.php, or (3) the subject field in Personal Messages and Forum.
CVSS Score
6.8
EPSS Score
0.013
Published
2004-11-23
PHPX 2.0 through 3.2.4 allows remote attackers to gain access to other accounts by modifying the cookie's PXL variable to reference another userID.
CVSS Score
10.0
EPSS Score
0.048
Published
2004-11-23
Page 2