← back
CVE-2010-4749

CVE-2010-4749

23Vexday Risk Score

No sign of exploitation. It has a public proof of concept.

ssvc Attendepss 2.0%
from disclosure to weapon0 days
Published on NVDMar 1
1st PoCDec 15
exploitation probability
2.0%top 21% of all CVEs
observed exploitation
nono source reports it
3 public exploit(s)
Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1.e, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) body parameter to action.php and the (2) amount and (3) action parameters to admin/index.php.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.