CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-3192

Multiple cross-site scripting (XSS) vulnerabilities in index.php in LinkorCMS 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the searchstr parameter in a search action; or the (2) nikname, (3) realname, (4) homepage, or (5) city parameter in a registration action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.5%

CVSS Severity

CVSS v2 Score 4.3

References

http://packetstormsecurity.org/0908-exploits/linkorcms-xss.txt
http://secunia.com/advisories/36487
http://packetstormsecurity.org/0908-exploits/linkorcms-xss.txt
http://secunia.com/advisories/36487

Products affected by CVE-2009-3192

Linkorcms » Linkorcms » Version: Any

cpe:2.3:a:linkorcms:linkorcms:*
Linkorcms » Linkorcms » Version: 1.1

cpe:2.3:a:linkorcms:linkorcms:1.1
Linkorcms » Linkorcms » Version: 1.2

cpe:2.3:a:linkorcms:linkorcms:1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-3192

Products

Pricing

Contact Us