CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-4266

Cross-site scripting (XSS) vulnerability in search.php in YABSoft Advanced Image Hosting (AIH) Script 2.2, and possibly 2.3, allows remote attackers to inject arbitrary web script or HTML via the text parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.4%

CVSS Severity

CVSS v2 Score 4.3

References

http://secunia.com/advisories/34366
http://www.exploit-db.com/exploits/10336
https://exchange.xforce.ibmcloud.com/vulnerabilities/54582
http://secunia.com/advisories/34366
http://www.exploit-db.com/exploits/10336
https://exchange.xforce.ibmcloud.com/vulnerabilities/54582

Products affected by CVE-2009-4266

Yabsoft » Advanced Image Hosting Script » Version: 2.2

cpe:2.3:a:yabsoft:advanced_image_hosting_script:2.2
Yabsoft » Advanced Image Hosting Script » Version: 2.3

cpe:2.3:a:yabsoft:advanced_image_hosting_script:2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4266

Products

Pricing

Contact Us