Arbitrary Web Script Execution via img Parameter in PHPKIT 1.6.03 through 1.6.1

CVE-2004-1537

Cross-site scripting (XSS) vulnerability in popup.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary web script via the img parameter.

Learn more about our Web App Pen Testing.