CVE-2009-4364
CVE-2009-4364 describes a Cross-site Scripting (XSS) vulnerability in the ScriptsEz Ez Blog, affecting the application’s index.php where the cname parameter can inject arbitrary web script/HTML (related to the act and id parameters). The root cause is insufficient input validation on cname. Impac...