Unrated severityNVD Advisory· Published Apr 28, 2009· Updated Apr 23, 2026
CVE-2009-1458
CVE-2009-1458
Description
Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in razorCMS before 0.4 allow remote attackers to inject arbitrary web script or HTML via (1) the slab parameter in an edit action, (2) the catname parameter in a showcats action, and (3) the cat parameter in a reordercat action.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- www.securityfocus.com/bid/34566nvdExploit
- razorcms.co.uk/support/viewtopic.phpnvdVendor Advisory
- secunia.com/advisories/34744nvdVendor Advisory
- marc.infonvd
- marc.infonvd
- osvdb.org/53776nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/49945nvd
News mentions
0No linked articles in our index yet.