CVE-2008-1064

Name of the Vulnerable Software and Affected Versions Red Mexico RMSOFT Gallery System (GS) version 2.0

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the q parameter in the images.php file of the Red Mexico RMSOFT Gallery System (GS) 2.0 module for XOOPS.

Recommendations For version 2.0, avoid using the q parameter in the images.php file until a fix is available. As a temporary workaround, consider restricting access to the images.php file to minimize the risk of exploitation.