CVE-2009-4885

Bernhard Frohlich Phpcom - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in templates/1/login.php in phpCommunity 2 2.1.8 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Salvatore Fresta · textwebappsphp
https://www.exploit-db.com/exploits/8185

References (3)

Scores

EPSS 0.0036
EPSS Percentile 57.7%

Classification

CWE
CWE-79
Status published

Affected Products (2)

bernhard_frohlich/phpcom
n/a/n/a

Timeline

Published Jun 11, 2010
Tracked Since Feb 18, 2026