QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2009-4717

Back to search

CVE-2009-4717

Published: Mar 15, 2010

Modified: Sep 16, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the (1) host parameter to stat/host.php, nodayshow parameter to (2) mostvisitpage.php and (3) visitorduration.php in stat/, (4) nopagesmost parameter to stat/mostvisitpagechart.php, and date parameter to (5) pageviewers.php, (6) pageviewerschart.php, and (7) referer.php in stat/.

VendorProductVersions

n/a

n/a

affected
n/a

References

36068
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now