5.8 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
72.6%
Multiple cross-site scripting (XSS) vulnerabilities in Auto-Surf Traffic Exchange Script 1.1 allow remote attackers to inject arbitrary web script or HTML via the rid parameter to (1) index.php, (2) faq.php, and (3) register.php.
osvdb.org/61285
osvdb.org/61286
osvdb.org/61287
secunia.com/advisories/37894
www.exploit-db.com/exploits/10616