Description
Cross-site scripting (XSS) vulnerability in pm/language/spanish/preferences.php in PMachine Pro 2.4.1 allows remote attackers to inject arbitrary web script or HTML via the L_PREF_NAME[855] parameter.
Exploits (1)
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.org/0801-exploits/pMachinePro-241-xss.txt
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/27282
Scores
EPSS
0.0034
EPSS Percentile
56.5%
Details
CWE
CWE-79
Status
published
Products (1)
pmachine/pmachine_pro
2.4.1
Published
Jan 17, 2008
Tracked Since
Feb 18, 2026