CVE-2009-2588 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Hotscripts Type PHP Clone Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) feedback.php (2) index.php and (3) lostpassword.php.

Reference

http://osvdb.org/56167 http://osvdb.org/56168 http://osvdb.org/56169 http://packetstormsecurity.org/0907-exploits/hotscriptsclone-xss.txt http://secunia.com/advisories/35892 http://www.vupen.com/english/advisories/2009/1979 https://exchange.xforce.ibmcloud.com/vulnerabilities/51911