2 matches found
CVE-2009-3146
Cross-site scripting XSS vulnerability in searchadvance.php in ArticleFriend Script allows remote attackers to inject arbitrary web script or HTML via the SearchWd parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-3146
CVE-2009-3146 affects ArticleFriend Script’s search_advance.php. The vulnerability is a cross-site scripting (XSS) flaw that allows an attacker to inject arbitrary web script or HTML via the SearchWd parameter due to insufficient input sanitization in the search function. According to the documen...