CVE-2009-3598

Ecardmax.com Formxp - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in survey_result.php in eCardMAX FormXP 2007 allows remote attackers to inject arbitrary web script or HTML via the sid parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Moudi · textwebappsphp
https://www.exploit-db.com/exploits/34871

References (4)

Scores

EPSS 0.0135
EPSS Percentile 79.9%

Classification

CWE
CWE-79
Status published

Affected Products (2)

ecardmax.com/formxp
n/a/n/a

Timeline

Published Oct 08, 2009
Tracked Since Feb 18, 2026