exploitDog

CVE-2009-4984

Опубликовано: 25 авг. 2010

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in Accessories Me PHP Affiliate Script 1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) Keywords parameter to search.php and (2) SearchIndex parameter to browse.php.

Ссылки

http://secunia.com/advisories/36148
Vendor Advisory
http://www.exploit-db.com/exploits/9370
http://secunia.com/advisories/36148
Vendor Advisory
http://www.exploit-db.com/exploits/9370

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:websitesrus:accessories_me_php_affiliate_script:1.4:*:*:*:*:*:*:*

EPSS

Процентиль: 45%

0.00226

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-7qh2-5rgv-2x95

github

почти 4 года назад

Multiple cross-site scripting (XSS) vulnerabilities in Accessories Me PHP Affiliate Script 1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) Keywords parameter to search.php and (2) SearchIndex parameter to browse.php.

EPSS

Процентиль: 45%

0.00226

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79