CVE-2009-4601
published 2010-01-12CVE-2009-4601: Cross-site scripting (XSS) vulnerability in basic_search_result.php in Zeeways ZeeJobsite 3x allows remote attackers to inject arbitrary web script or HTML via…
PriorityP417medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
1.48%
70.8th percentile
Cross-site scripting (XSS) vulnerability in basic_search_result.php in Zeeways ZeeJobsite 3x allows remote attackers to inject arbitrary web script or HTML via the title parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zeeways | zeejobsite | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_redhat2.1LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-v32q-4mm3-923h: Cross-site scripting (XSS) vulnerability in basic_search_result
ghsa_unreviewed·2022-05-02
CVE-2009-4601 [MEDIUM] CWE-79 GHSA-v32q-4mm3-923h: Cross-site scripting (XSS) vulnerability in basic_search_result
Cross-site scripting (XSS) vulnerability in basic_search_result.php in Zeeways ZeeJobsite 3x allows remote attackers to inject arbitrary web script or HTML via the title parameter.
Red Hat
opensc: insufficient access restrictions on private data
vendor_redhat·CVSS 2.1
CVE-2009-0368 [LOW] opensc: insufficient access restrictions on private data
opensc: insufficient access restrictions on private data
OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a (1) low level APDU command or (2) debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program.
No detection rules found.
No writeups or analysis indexed.
2010-01-12
Published