CVE-2008-2115

Name of the Vulnerable Software and Affected Versions ScriptsEZ.net Power Editor version 2.0

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The vulnerable parameters are te and dir in a 'tempedit' action.

Recommendations For ScriptsEZ.net Power Editor version 2.0, avoid using the te and dir parameters in the 'tempedit' action until a fix is available. As a temporary workaround, consider restricting access to the editor.php file to minimize the risk of exploitation.