Unrated severityNVD Advisory· Published Dec 22, 2009· Updated Jun 16, 2026
CVE-2009-4384
CVE-2009-4384
Description
Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net Ez Poll Hoster (EPH) allow remote attackers to inject arbitrary web script or HTML via the (1) pid parameter in a code action to index.php and the (2) uid parameter in a view action to profile.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:scriptsez:ez_poll_hoster:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:scriptsez:ez_poll_hoster:*:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
4- packetstormsecurity.org/0912-exploits/ezpollhoster-xssxsrf.txtnvdExploit
- www.exploit-db.com/exploits/10439nvdExploit
- secunia.com/advisories/37716nvdVendor Advisory
- www.vupen.com/english/advisories/2009/3529nvdVendor Advisory
News mentions
0No linked articles in our index yet.