CVE-2009-4934

2022-10-0316:24:02

mitre

www.cve.org

cross-site scripting

online photo pro 2.0

index.php

arbitrary web script

html

section parameter

5.7 Medium

AI Score

Confidence

High

0.022 Low

EPSS

Percentile

89.5%

JSON

Cross-site scripting (XSS) vulnerability in index.php in Online Photo Pro 2.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter.

References

packetstorm.linuxsecurity.com/0904-exploits/opp20-xss.txt

secunia.com/advisories/34825

www.securityfocus.com/bid/34625