Multiple cross-site scripting (XSS) vulnerabilities in EQdkp 1.3.2c and earlier allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) listmembers.php and (2) stats.php. NOTE: some of these details are obtained from third party information.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Eqdkp | Eqdkp | 1.3_p4 | 1.3_p4 |
Eqdkp | Eqdkp | 1.2.0 | 1.2.0 |
Eqdkp | Eqdkp | 1.3.1_p1 | 1.3.1_p1 |
Eqdkp | Eqdkp | 1.1.0 | 1.1.0 |
Eqdkp | Eqdkp | * | 1.3.2c |
Eqdkp | Eqdkp | 1.3.1 | 1.3.1 |
Eqdkp | Eqdkp | 1.3.0 | 1.3.0 |