CVE-2009-1458

Published: 28/04/2009 Updated: 17/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in razorCMS prior to 0.4 allow remote malicious users to inject arbitrary web script or HTML via (1) the slab parameter in an edit action, (2) the catname parameter in a showcats action, and (3) the cat parameter in a reordercat action.

Vulnerable Product	Search on Vulmon	Subscribe to Product
razorcms razorcms
razorcms razorcms 0.2

source: wwwsecurityfocuscom/bid/34566/info razorCMS is prone to a local information-disclosure vulnerability, a local access-validation vulnerability, a security-bypass vulnerability, and multiple cross-site-scripting vulnerabilities Attackers can exploit these issues to gain access to sensitive information, create denial-of-service con ...

CWE-79 http://marc.info/?l=full-disclosure&m=123998062108561&w=2 http://secunia.com/advisories/34744 http://razorcms.co.uk/support/viewtopic.php?f=13&t=325 http://marc.info/?l=full-disclosure&m=123990481506680&w=2 http://www.securityfocus.com/bid/34566 http://osvdb.org/53776 https://exchange.xforce.ibmcloud.com/vulnerabilities/49945 https://nvd.nist.gov https://www.exploit-db.com/exploits/32924/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-1458

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect