CVE-2007-5429

Name of the Vulnerable Software and Affected Versions: Nucleus version 3.01

Description: A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML. This is achieved by manipulating the archive parameter in the index.php file.

Recommendations: For Nucleus version 3.01, consider restricting access to the index.php file until a patch is available, and avoid using the archive parameter in sensitive operations to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.