CVE-2009-4682
published 2010-03-10CVE-2009-4682: Cross-site scripting (XSS) vulnerability in vote.php in Good/Bad Vote allows remote attackers to inject arbitrary web script or HTML via the id parameter in a…
PriorityP417medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
1.45%
70.0th percentile
Cross-site scripting (XSS) vulnerability in vote.php in Good/Bad Vote allows remote attackers to inject arbitrary web script or HTML via the id parameter in a vote action.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Scriptsez Good-Bad Vote vote.php ID cross site scripting (EDB-9185 / SA35835)
vuldb·2026-05-02·CVSS 4.3
CVE-2009-4682 [MEDIUM] Scriptsez Good-Bad Vote vote.php ID cross site scripting (EDB-9185 / SA35835)
A vulnerability was found in Scriptsez Good-Bad Vote and classified as problematic. This affects an unknown function of the file vote.php. Executing a manipulation of the argument ID can lead to cross site scripting.
This vulnerability is handled as CVE-2009-4682. The attack can be executed remotely. Additionally, an exploit exists.
GHSA
GHSA-r33g-v22q-5gfw: Cross-site scripting (XSS) vulnerability in vote
ghsa_unreviewed·2022-05-02
CVE-2009-4682 [MEDIUM] CWE-79 GHSA-r33g-v22q-5gfw: Cross-site scripting (XSS) vulnerability in vote
Cross-site scripting (XSS) vulnerability in vote.php in Good/Bad Vote allows remote attackers to inject arbitrary web script or HTML via the id parameter in a vote action.
No detection rules found.
No writeups or analysis indexed.
2010-03-10
Published