Cross-Site Scripting Vulnerabilities in FlatPress by Bmines
CVE-2009-4461

Currently unrated

Key Information:

Vendor

Flatpress

Status
Flatpress
Vendor
CVE Published:
30 December 2009

What is CVE-2009-4461?

FlatPress 0.909 contains multiple cross-site scripting vulnerabilities that enable remote attackers to inject arbitrary scripts or HTML into web pages. This can be exploited via the PATH_INFO variable by targeting specific PHP files, including contact.php, login.php, and search.php. This vulnerability presents a significant risk as it can lead to unauthorized actions performed on behalf of users, data theft, or other malicious activities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/37938
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/37471
vdb-entryx_refsource_BID
http://www.exploit-db.com/exploits/10688
exploitx_refsource_EXPLOIT-DB

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.