“The PHP Video Script instantly creates a niche video site based on keywords users control via the admin console. The videos are displayed on users’ site, but streamed from the YouTube servers.”
(2) Vulnerability Details.
JCE-Tech “Video Niche Script” is vulnerable to XSS attacks.
(2.1) The vulnerability occurs at “view.php” page with “video”, “title” parameters.