CVE-2009-2589

2009-07-2416:00:00

mitre

www.cve.org

5.9 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Hutscripts PHP Website Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) feedback.php, (2) index.php, and (3) lostpassword.php.

References

osvdb.org/56170

osvdb.org/56171

osvdb.org/56172

packetstormsecurity.org/0907-exploits/hutscript-sqlxss.txt

secunia.com/advisories/35893

www.vupen.com/english/advisories/2009/1978

exchange.xforce.ibmcloud.com/vulnerabilities/51912