Arbitrary Web Script Execution via img Parameter in PHPKIT 1.6.03 through 1.6.1

CVE-2004-1537 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in popup.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary web script via the img parameter.

Learn more about our Web App Pen Testing.