CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-3649

Cross-site scripting (XSS) vulnerability in forums/index.php in Power Bulletin Board (PBBoard) 2.0.2 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter in a new_topic action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.3%

CVSS Severity

CVSS v2 Score 4.3

References

http://www.sec-area.com/?p=141%23more-141&gtlang=en
http://www.securityfocus.com/archive/1/506992/100/0/threaded
http://www.sec-area.com/?p=141%23more-141&gtlang=en
http://www.securityfocus.com/archive/1/506992/100/0/threaded

Products affected by CVE-2009-3649

Pbboard » Pbboard » Version: 2.0.2

cpe:2.3:a:pbboard:pbboard:2.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-3649

Products

Pricing

Contact Us