CVE-2008-2126
Tux Cms - XSS
Title source: ruleDescription
Multiple cross-site scripting (XSS) vulnerabilities in Tux CMS 0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) q parameter to index.php and the (2) returnURL parameter to tux-login.php.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Hadi Kiamarsi · textwebappsphp
https://www.exploit-db.com/exploits/31753
References (5)
Scores
EPSS
0.0035
EPSS Percentile
56.7%
Classification
CWE
CWE-79
Status
draft
Affected Products (1)
tux_cms/tux_cms
Timeline
Published
May 09, 2008
Tracked Since
Feb 18, 2026