Unrated severityNVD Advisory· Published Feb 5, 2009· Updated Apr 23, 2026
CVE-2009-0424
CVE-2009-0424
Description
Cross-site scripting (XSS) vulnerability in sign1.php in AN Guestbook (ANG) before 0.7.7 allows remote attackers to inject arbitrary web script or HTML via the country parameter, which is not properly handled in (1) administrator/manage.php or (2) administrator/trash.php. NOTE: some of these details are obtained from third party information.
Affected products
23cpe:2.3:a:an_guestbook:an_guestbook:*:*:*:*:*:*:*:*+ 22 more
- cpe:2.3:a:an_guestbook:an_guestbook:*:*:*:*:*:*:*:*range: <=0.7.6
- cpe:2.3:a:an_guestbook:an_guestbook:0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:0.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:0.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:0.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:0.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:0.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:0.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:0.7.5:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:2.2a:*:*:*:*:*:*:*
- cpe:2.3:a:an_guestbook:an_guestbook:3.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- www.securityfocus.com/bid/33292nvdPatch
- secunia.com/advisories/33490nvdVendor Advisory
- sourceforge.net/forum/forum.phpnvdVendor Advisory
- sourceforge.net/project/shownotes.phpnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/48018nvd
News mentions
0No linked articles in our index yet.