CVE-2009-4684
published 2010-03-10CVE-2009-4684: Cross-site scripting (XSS) vulnerability in index.php in EZodiak allows remote attackers to inject arbitrary web script or HTML via the sign parameter.
PriorityP418medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
1.51%
71.3th percentile
Cross-site scripting (XSS) vulnerability in index.php in EZodiak allows remote attackers to inject arbitrary web script or HTML via the sign parameter.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Edgephp EZodiak index.php sign cross site scripting (EDB-34737 / XFDB-51859)
vuldb·2026-05-02·CVSS 4.3
CVE-2009-4684 [MEDIUM] Edgephp EZodiak index.php sign cross site scripting (EDB-34737 / XFDB-51859)
A vulnerability was found in Edgephp EZodiak. It has been declared as problematic. Affected is an unknown function of the file index.php. The manipulation of the argument sign results in cross site scripting.
This vulnerability was named CVE-2009-4684. The attack may be performed from remote. In addition, an exploit is available.
GHSA
GHSA-pqcg-jhr9-5gvm: Cross-site scripting (XSS) vulnerability in index
ghsa_unreviewed·2022-05-02
CVE-2009-4684 [MEDIUM] CWE-79 GHSA-pqcg-jhr9-5gvm: Cross-site scripting (XSS) vulnerability in index
Cross-site scripting (XSS) vulnerability in index.php in EZodiak allows remote attackers to inject arbitrary web script or HTML via the sign parameter.
No detection rules found.
No writeups or analysis indexed.
http://osvdb.org/56073http://packetstormsecurity.org/0907-exploits/ezodiak-xss.txthttp://secunia.com/advisories/35923https://exchange.xforce.ibmcloud.com/vulnerabilities/51859http://osvdb.org/56073http://packetstormsecurity.org/0907-exploits/ezodiak-xss.txthttp://secunia.com/advisories/35923https://exchange.xforce.ibmcloud.com/vulnerabilities/51859
2010-03-10
Published