Php · Php-Nuke · CVE-2003-0318
Name of the Vulnerable Software and Affected Versions:
PHP-Nuke versions 6.0 and earlier
Description:
The issue is related to a cross-site scripting (XSS) vulnerability in the Statistics module. This allows remote attackers to insert arbitrary web script via the `year` parameter.
Recommendations:
For PHP-Nuke versions 6.0 and earlier, update to a version later than 6.0 to resolve the issue.