CVE-2010-1091
published 2010-03-24CVE-2010-1091: Multiple cross-site scripting (XSS) vulnerabilities in contact.php in phpMySite allow remote attackers to inject arbitrary web script or HTML via the (1) name…
PriorityP417medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
1.47%
70.4th percentile
Multiple cross-site scripting (XSS) vulnerabilities in contact.php in phpMySite allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) city, (3) email, (4) state, and (5) message parameters.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
phpMySite contact.php cross site scripting (EDB-11588 / XFDB-56574)
vuldb·2026-05-03·CVSS 4.3
CVE-2010-1091 [MEDIUM] phpMySite contact.php cross site scripting (EDB-11588 / XFDB-56574)
A vulnerability labeled as problematic has been found in phpMySite. Affected by this issue is some unknown functionality of the file contact.php. Such manipulation leads to cross site scripting.
This vulnerability is listed as CVE-2010-1091. The attack may be performed from remote. In addition, an exploit is available.
GHSA
GHSA-79r8-88qh-96vm: Multiple cross-site scripting (XSS) vulnerabilities in contact
ghsa_unreviewed·2022-05-02
CVE-2010-1091 [MEDIUM] CWE-79 GHSA-79r8-88qh-96vm: Multiple cross-site scripting (XSS) vulnerabilities in contact
Multiple cross-site scripting (XSS) vulnerabilities in contact.php in phpMySite allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) city, (3) email, (4) state, and (5) message parameters.
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.org/1002-exploits/phpmysite-sqlxss.txthttp://www.exploit-db.com/exploits/11588http://www.vupen.com/english/advisories/2010/0492https://exchange.xforce.ibmcloud.com/vulnerabilities/56574http://packetstormsecurity.org/1002-exploits/phpmysite-sqlxss.txthttp://www.exploit-db.com/exploits/11588http://www.vupen.com/english/advisories/2010/0492https://exchange.xforce.ibmcloud.com/vulnerabilities/56574
2010-03-24
Published