Cross site scripting

2010-03-2422:44:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

65.0%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in contact.php in phpMySite allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) city, (3) email, (4) state, and (5) message parameters.

References

packetstormsecurity.org/1002-exploits/phpmysite-sqlxss.txt

www.vupen.com/english/advisories/2010/0492

exchange.xforce.ibmcloud.com/vulnerabilities/56574

www.exploit-db.com/exploits/11588