Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2009-2928

Published: 21/08/2009 Updated: 19/09/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Tgs Content Management

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in login.php in TGS Content Management 0.x allows remote malicious users to inject arbitrary web script or HTML via the previous_page parameter, a different vector than CVE-2008-6839.

Vulnerable Product Search on Vulmon Subscribe to Product

tgs-cms tgs content management 0.2.5

tgs-cms tgs content management 0.3.0

tgs-cms tgs content management 0.2.0

tgs-cms tgs content management 0.3.2

tgs-cms tgs content management 0.1.7

tgs-cms tgs content management 0.1.6

Exploits

Exploit DB: tgs CMS 0.x - Cross-Site Scripting / SQL Injection / File Disclosure
################################################################# ################################################################# # _______ _ __ __ _ _ ______ # # |__ __| (_) | \/ (_) | |___ / # # | | _____ ___ ___| \ / |_ _ __ __| | / / # # | |/ _ \ \/ ...

References

CWE-79https://exchange.xforce.ibmcloud.com/vulnerabilities/52481http://www.exploit-db.com/exploits/9434https://nvd.nist.govhttps://www.exploit-db.com/exploits/9434/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook