Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2589

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2009-2589
Last Modified 24 Jul 2009 12:00:00
Published 24 Jul 2009 12:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-2589

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Hutscripts PHP Website Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) feedback.php, (2) index.php, and (3) lostpassword.php.

Vulnerable Systems

Application

  • Resalecode Hutscripts Php Website Script -


References

XF - hutscripts-msg-xss(51912)

VUPEN - ADV-2009-1978

SECUNIA - 35893

MISC - http://packetstormsecurity.org/0907-exploits/hutscript-sqlxss.txt

OSVDB - 56172

OSVDB - 56171

OSVDB - 56170


Last Updated: 27 May 2016 10:50:58