CVEブラウザに戻る

CVE-2010-4407

MEDIUM

4.3

CVSS Severity Score

EPSS Score0.0610%

EPSS Percentile41.02th

Published2010年12月6日

Last Modified2026年4月29日

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlGuest 1.1c-patched allow remote attackers to inject arbitrary web script or HTML via the (1) nome (nickname), (2) messaggio (message), and (3) link (homepage) parameters.

Affected Platforms (CPE)

📦

Alberto Pittoni

Alguest

= 1.1

References & Advisories

🔗 http://evuln.com/vulns/151/summary.html

🔗 http://packetstormsecurity.org/files/view/96297/alguest-xss.txt

🔗 http://www.securityfocus.com/archive/1/514960/100/0/threaded

🔗 http://www.securityfocus.com/bid/45140

🔗 http://evuln.com/vulns/151/summary.html

🔗 http://packetstormsecurity.org/files/view/96297/alguest-xss.txt

🔗 http://www.securityfocus.com/archive/1/514960/100/0/threaded

🔗 http://www.securityfocus.com/bid/45140

関連する脆弱性情報

CVE-2002-049110.0

admin.php in AlGuest 1.0 guestbook checks for the existence of the admin cookie to authenticate the AlGuest administrator, which a...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...