CVE-2009-4547

ViArt CMS 3.x - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in ViArt CMS 3.x allow remote attackers to inject arbitrary web script or HTML via the (1) category_id parameter to forums.php, or the forum_id parameter to (2) forum.php or (3) forum_topic_new.php.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Moudi · textwebappsphp

https://www.exploit-db.com/exploits/33158

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Moudi · textwebappsphp

https://www.exploit-db.com/exploits/33155

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Moudi · textwebappsphp

https://www.exploit-db.com/exploits/33157

View Code ZIP pw:eip

References (7)

Core 7

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/52371

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/36003

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/56883

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/36241

Exploit x_refsource_misc

http://packetstormsecurity.org/0908-exploits/viartcms-xss.txt

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/56884

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/56885

Scores

EPSS 0.0215

EPSS Percentile 84.3%

Details

CWE

CWE-79

Status published

Products (1)

viart/viart_cms 3.3.2

Published Jan 04, 2010

Tracked Since Feb 18, 2026