CVE-2009-4168
CVE Descriptions
CVE Informations
Related Weaknesses
| Weakness Name | Source | |
|---|---|---|
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 4.3 | AV:N/AC:M/Au:N/C:N/I:P/A:N | nvd@nist.gov |
EPSS
EPSS Score
EPSS Percentile
Exploit information
Exploit Database EDB-ID : 33371
Publication date : 2009-11-08 23h00 +00:00
Author : MustLive
EDB Verified : Yes
Products Mentioned
Configuraton 0
Roytanck>>Wp-cumulus >> Version To (including) 1.22
Roytanck>>Wp-cumulus >> Version 1.00
Roytanck>>Wp-cumulus >> Version 1.01
Roytanck>>Wp-cumulus >> Version 1.02
Roytanck>>Wp-cumulus >> Version 1.2.1
Roytanck>>Wp-cumulus >> Version 1.03
Roytanck>>Wp-cumulus >> Version 1.04
Roytanck>>Wp-cumulus >> Version 1.05
Roytanck>>Wp-cumulus >> Version 1.10
Roytanck>>Wp-cumulus >> Version 1.11
Roytanck>>Wp-cumulus >> Version 1.12
Roytanck>>Wp-cumulus >> Version 1.13
Roytanck>>Wp-cumulus >> Version 1.14
Roytanck>>Wp-cumulus >> Version 1.15
Roytanck>>Wp-cumulus >> Version 1.16
Roytanck>>Wp-cumulus >> Version 1.17
Roytanck>>Wp-cumulus >> Version 1.18
Roytanck>>Wp-cumulus >> Version 1.19
Roytanck>>Wp-cumulus >> Version 1.20
Wordpress>>Wordpress >> Version *
References
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : x_refsource_CONFIRM
