Description
Multiple cross-site scripting (XSS) vulnerabilities in escorts_search.php in I-Escorts Directory Script and Agency Script allow remote attackers to inject arbitrary web script or HTML via the (1) search_name and (2) languages parameters. NOTE: some of these details are obtained from third party information.
Exploits (1)
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/52303
Exploit x_refsource_misc
http://packetstormsecurity.org/0908-exploits/des-xss.txt
Scores
EPSS
0.0019
EPSS Percentile
41.0%
Details
CWE
CWE-79
Status
published
Products (2)
i-escorts/i-escorts_agency_script
i-escorts/i-escorts_directory_script
Published
May 11, 2010
Tracked Since
Feb 18, 2026