CVE-2008-1917
AMFPHP 1.2 - XSS
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in AMFPHP 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) class parameter to (a) methodTable.php, (b) code.php, and (c) details.php in browser/; and the (2) location parameter to browser/code.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Exploits (3)
exploitdb
WRITEUP
VERIFIED
by Alberto Cuesta Partida · textwebappsphp
https://www.exploit-db.com/exploits/31652
exploitdb
WRITEUP
VERIFIED
by Alberto Cuesta Partida · textwebappsphp
https://www.exploit-db.com/exploits/31653
exploitdb
WRITEUP
VERIFIED
by Alberto Cuesta Partida · textwebappsphp
https://www.exploit-db.com/exploits/31651
Scores
EPSS
0.0027
EPSS Percentile
50.5%
Classification
CWE
CWE-79
Status
draft
Affected Products (1)
amfphp/amfphp
Timeline
Published
Apr 23, 2008
Tracked Since
Feb 18, 2026