CVE-2009-4460

2009-12-3019:00:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Auto-Surf Traffic Exchange Script 1.1 allow remote attackers to inject arbitrary web script or HTML via the rid parameter to (1) index.php, (2) faq.php, and (3) register.php.

References

osvdb.org/61285

osvdb.org/61286

osvdb.org/61287

secunia.com/advisories/37894

www.exploit-db.com/exploits/10616