BookNux Multiple Cross Site Scripting and SQL Injection Vulnerabilities
The original article can be found at: http://www.securityfocus.com/bid/54357
The information has been provided by Jean Pascal Pereira .
* BookNux Multiple Cross Site Scripting and SQL Injection Vulnerabilities
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.BookNux 0.2 and prior are vulnerable.
Currently we are not aware of any vendor-supplied patches
Initial Release: Jul 09 2012