phpSkelSite Multiple Input Validation Vulnerabilities
phpSkelSite is prone to multiple input-validation vulnerabilities:
- A remote file-include vulnerability
- A local file-include vulnerability
- A cross-site scripting vulnerability
An attacker can exploit these issues to execute malicious script code and PHP code in the context of the webserver process, compromise the affected application, and steal cookie-based authentication credentials. Other attacks are also possible.
phpSkelSite 1.4 is vulnerable; other versions may also be affected.