CVE-2008-0334 – pMachine Pro 2.4.1 - Multiple Cross-Site Scripting Vulnerabilities

https://notcve.org/view.php?id=CVE-2008-0334

Cross-site scripting (XSS) vulnerability in pm/language/spanish/preferences.php in PMachine Pro 2.4.1 allows remote attackers to inject arbitrary web script or HTML via the L_PREF_NAME[855] parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en pm/language/spanish/preferences.php de PMachine Pro 2.4.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante el parámetro L_PREF_NAME[855]. • https://www.exploit-db.com/exploits/31027 http://packetstormsecurity.org/0801-exploits/pMachinePro-241-xss.txt http://www.securityfocus.com/bid/27282 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •