CVE-2009-2889

Phpscriptsnow Hangman - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to inject arbitrary web script or HTML via the letters parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Moudi · textwebappsphp
https://www.exploit-db.com/exploits/34771

References (4)

Scores

EPSS 0.0135
EPSS Percentile 79.9%

Classification

CWE
CWE-79
Status published

Affected Products (2)

phpscriptsnow/hangman
n/a/n/a

Timeline

Published Aug 20, 2009
Tracked Since Feb 18, 2026