Description
Cross-site scripting (XSS) vulnerability in emaullinks.php in YABSoft Mega File Hosting Script (aka MFH or MFHS) 1.2 allows remote attackers to inject arbitrary web script or HTML via the moudi parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Exploits (1)
References (2)
Core 2
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/36413
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/53642
Scores
EPSS
0.0020
EPSS Percentile
42.3%
Details
CWE
CWE-79
Status
published
Products (1)
yabsoft/mega_file_hosting_script
1.2
Published
Oct 09, 2009
Tracked Since
Feb 18, 2026