Unrated severityNVD Advisory· Published Sep 22, 2009· Updated Apr 23, 2026

CVE-2009-3283

Description

Cross-site scripting (XSS) vulnerability in phpspot PHP BBS, PHP Image Capture BBS, PHP & CSS BBS, PHP BBS CE, PHP_RSS_Builder, and webshot, dated before 20090914, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to cookies.

Affected products

Phpspot/PHP Bbs
cpe:2.3:a:phpspot:php_bbs:*:*:*:*:*:*:*:*
Phpspot/PHP Bbs Ce
cpe:2.3:a:phpspot:php_bbs_ce:*:*:*:*:*:*:*:*
Phpspot/PHP \& CSS Bbs
cpe:2.3:a:phpspot:php_\&_css_bbs:*:*:*:*:*:*:*:*
Phpspot/PHP Image Capture Bbs
cpe:2.3:a:phpspot:php_image_capture_bbs:*:*:*:*:*:*:*:*
Phpspot/PHP Rss Builder
cpe:2.3:a:phpspot:php_rss_builder:*:*:*:*:*:*:*:*
Phpspot/Webshot
cpe:2.3:a:phpspot:webshot:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/36783nvdVendor Advisory
jvn.jp/en/jp/JVN53591199/index.htmlnvd
jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000063.htmlnvd
phpspot.net/php/pg2009%94N9%8C%8E%20PHP%83X%83N%83%8A%83v%83g%82%CC%90%C6%8E%E3%90%AB.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000