This script is Copyright (C) 2005-2012 Tenable Network Security, Inc.
The remote web server contains a PHP script that is susceptible to
multiple cross-site scripting attacks.
The version of phpMyDirectory installed on the remote host suffers
from multiple cross-site scripting vulnerabilities due to its failure
to sanitize user input to its 'review.php' script through various
parameters. A remote attacker can exploit these flaws to steal
cookie-based authentication credentials and perform other such
See also :
Upgrade to phpMyDirectory version 10.1.6 or newer.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 4.3
Public Exploit Available : true