CVE-2005-0896

Name of the Vulnerable Software and Affected Versions phpMyDirectory version 10.1.3-rel

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the subcat, page, or subsubcat parameters in the review.php file.

Recommendations For phpMyDirectory version 10.1.3-rel, consider restricting access to the review.php file until a patch is available, and avoid using the subcat, page, or subsubcat parameters in this file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.