exploitDog

CVE-2009-2882

Опубликовано: 20 авг. 2009

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in PG MatchMaking allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) browse_ladies.php and (2) browse_men.php, the (3) gender parameter to search.php, and the (4) id parameter to services.php.

Ссылки

http://packetstormsecurity.org/0907-exploits/pgmatchmaking-xss.txt
Exploit
http://secunia.com/advisories/36004
Vendor Advisory
http://www.securityfocus.com/bid/35808
Exploit
http://packetstormsecurity.org/0907-exploits/pgmatchmaking-xss.txt
Exploit
http://secunia.com/advisories/36004
Vendor Advisory
http://www.securityfocus.com/bid/35808
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:datingpro:matchmaking:*:*:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.0022

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-6x4g-r338-843v

github

почти 4 года назад

Multiple cross-site scripting (XSS) vulnerabilities in PG MatchMaking allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) browse_ladies.php and (2) browse_men.php, the (3) gender parameter to search.php, and the (4) id parameter to services.php.

EPSS

Процентиль: 44%

0.0022

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79