CVE-2009-2401

PHPEcho CMS <2.0-rc3 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in PHPEcho CMS 2.0-rc3 allows remote attackers to inject arbitrary web script or HTML via a forum post.

Exploits (1)

exploitdb WORKING POC VERIFIED
by JosS · textwebappsphp
https://www.exploit-db.com/exploits/9014

References (3)

Scores

EPSS 0.0227
EPSS Percentile 84.4%

Classification

CWE
CWE-79
Status draft

Affected Products (1)

phpecho_cms/phpecho_cms

Timeline

Published Jul 09, 2009
Tracked Since Feb 18, 2026