CVE-2009-3283

Phpspot Php & Css Bbs - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in phpspot PHP BBS, PHP Image Capture BBS, PHP & CSS BBS, PHP BBS CE, PHP_RSS_Builder, and webshot, dated before 20090914, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to cookies.

References (4)

[Third Party Advisory] http://jvn.jp/en/jp/JVN53591199/index.html

[Third Party Advisory] http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000063.html

[Various Sources] http://phpspot.net/php/pg2009%94N9%8C%8E%20PHP%83X%83N%83%8A%83v%83g%82%CC%90%C6%8E%E3%90%AB.html

[Vendor Advisory] http://secunia.com/advisories/36783

Scores

EPSS 0.0029

EPSS Percentile 51.6%

Classification

CWE

CWE-79

Status published

Affected Products (7)

phpspot/php_\&_css_bbs

phpspot/php_bbs

phpspot/php_bbs_ce

phpspot/php_image_capture_bbs

phpspot/php_rss_builder

phpspot/webshot

n/a/n/a

Timeline

Published Sep 22, 2009

Tracked Since Feb 18, 2026