Page 2 of 11 results (0.003 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2009-4461 – Flatpress - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-4461
30 Dec 2009 — Multiple cross-site scripting (XSS) vulnerabilities in FlatPress 0.909 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) contact.php, (2) login.php, and (3) search.php. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en FlatPress v0.909 permite atacantes remotos inyectar secuencias de comandos web o HTML de forma arbitraria a traves de PATH_INFO a (1) contact.php, (2) login.php, and (3) search.php. • https://www.exploit-db.com/exploits/10688 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •