Multiple cross-site scripting (XSS) vulnerabilities in error.php in Gijza.net Error Manager 2.1 for PHP-Nuke 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) pagetitle or (2) error parameters, or (3) certain parameters in the error log.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Php-nuke_module | Error_manager | 2.1 (including) | 2.1 (including) |