CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2928

Cross-site scripting (XSS) vulnerability in login.php in TGS Content Management 0.x allows remote attackers to inject arbitrary web script or HTML via the previous_page parameter, a different vector than CVE-2008-6839.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.5%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2009-2928

Tgs-Cms » Tgs Content Management » Version: 0.1.6

cpe:2.3:a:tgs-cms:tgs_content_management:0.1.6
Tgs-Cms » Tgs Content Management » Version: 0.1.7

cpe:2.3:a:tgs-cms:tgs_content_management:0.1.7
Tgs-Cms » Tgs Content Management » Version: 0.2.0

cpe:2.3:a:tgs-cms:tgs_content_management:0.2.0
Tgs-Cms » Tgs Content Management » Version: 0.2.5

cpe:2.3:a:tgs-cms:tgs_content_management:0.2.5
Tgs-Cms » Tgs Content Management » Version: 0.3.0

cpe:2.3:a:tgs-cms:tgs_content_management:0.3.0
Tgs-Cms » Tgs Content Management » Version: 0.3.2

cpe:2.3:a:tgs-cms:tgs_content_management:0.3.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2928

Products

Pricing

Contact Us