← back
CVE-2009-1315

CVE-2009-1315

EPSS 1.7%
Multiple cross-site scripting (XSS) vulnerabilities in AbleSpace 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) gid parameter to groups_profile.php, (2) cat_id and (3) razd_id parameters to adv_cat.php, and the (4) URL to blogs_full.php.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/8424unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://dsecrg.com/pages/vul/show.php?id=137http://secunia.com/advisories/34663https://exchange.xforce.ibmcloud.com/vulnerabilities/44847https://www.exploit-db.com/exploits/8424http://www.securityfocus.com/archive/1/502670/100/0/threadedhttp://www.securityfocus.com/bid/34512