CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-2882

Multiple cross-site scripting (XSS) vulnerabilities in PG MatchMaking allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) browse_ladies.php and (2) browse_men.php, the (3) gender parameter to search.php, and the (4) id parameter to services.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.5%

CVSS Severity

CVSS v2 Score 4.3

References

http://packetstormsecurity.org/0907-exploits/pgmatchmaking-xss.txt
http://secunia.com/advisories/36004
http://www.securityfocus.com/bid/35808
http://packetstormsecurity.org/0907-exploits/pgmatchmaking-xss.txt
http://secunia.com/advisories/36004
http://www.securityfocus.com/bid/35808

Products affected by CVE-2009-2882

Datingpro » Matchmaking » Version: Any

cpe:2.3:a:datingpro:matchmaking:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2882

Products

Pricing

Contact Us