Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2009-3666

Published: 11/10/2009 Updated: 10/10/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Nullam Blog

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in index.php in Nullam Blog 0.1.2 allows remote malicious users to inject arbitrary web script or HTML via the e parameter in an error action.

Vulnerable Product Search on Vulmon Subscribe to Product

nullam nullam blog 0.1.2

Exploits

Exploit DB: nullam blog 0.1.2 - Local File Inclusion / File Disclosure / SQL Injection / Cross-Site Scripting
-- Salvatore Fresta aka drosophila CWNP444351 ******** Salvatore "drosophila" Fresta ******** [+] Application: Nullam Blog [+] Version: 012 [+] Website: nullamnet/ [+] Bugs: [A] Local File Inclusion [B] File Disclosure [C] Multiple Blind SQL Injection [D] SQL Injection [E] Reflected XSS [+] Exploitation: Remote [+] Date: 10 Sep 2009 ...

References

CWE-79http://www.osvdb.org/57921http://secunia.com/advisories/36648https://exchange.xforce.ibmcloud.com/vulnerabilities/53216http://www.exploit-db.com/exploits/9625http://www.securityfocus.com/archive/1/506380/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/9625/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook