Vulnerability Description
Cross-site scripting (XSS) vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to inject arbitrary web script or HTML via the rank parameter.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phpscriptsnow | World\'S Tallest Buildings | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.org/0907-exploits/tallestbuildings-sql.txtExploit
- http://secunia.com/advisories/35935Vendor Advisory
- http://www.osvdb.org/56122
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51871
- http://packetstormsecurity.org/0907-exploits/tallestbuildings-sql.txtExploit
- http://secunia.com/advisories/35935Vendor Advisory
- http://www.osvdb.org/56122
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51871
FAQ
What is CVE-2009-2884?
CVE-2009-2884 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to inject arbitrary web script or HTML via the rank parameter.
How severe is CVE-2009-2884?
CVE-2009-2884 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-2884?
Check the references section above for vendor advisories and patch information. Affected products include: Phpscriptsnow World\'S Tallest Buildings.