Below is the key information regarding the Nooms 1.1 vulnerability: Vulnerability Name: Nooms 1.1 Publication Date: September 11, 2008 Discoverer: irancrash Local Vulnerability: No Remote Vulnerability: Yes Risk Level: Medium Vulnerability Type: Multiple vulnerabilities (Cross-site Scripting / Redirection / MySQL Brute Force Local Access) CVE IDs: CVE-2008-4162 CWE IDs: CWE-59 Detailed Vulnerability Description: MySQL Remote Brute Force Vulnerability: - Attackers can exploit this vulnerability to remotely brute-force passwords for root and other users. - Example Vulnerable URL: Cross-site Scripting (XSS) Vulnerabilities: - XSS Example 1: - XSS Example 2: Redirection Vulnerability: - Example Vulnerable URL: - XSS Example: References: http://www.securityfocus.com/archive/1/archive/1/496236/100/0/threaded