Unrated severityNVD Advisory· Published Mar 10, 2010· Updated Apr 29, 2026

CVE-2009-4690

Description

Multiple cross-site scripting (XSS) vulnerabilities in YourFreeWorld Programs Rating Script allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) rate.php and (2) postcomments.php.

Affected products

Yourfreeworld/Programs Rating Script
cpe:2.3:a:yourfreeworld:programs_rating_script:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.org/0907-exploits/programsrating-xss.txtnvdExploit
secunia.com/advisories/35918nvdVendor Advisory
www.vupen.com/english/advisories/2009/1967nvdVendor Advisory
osvdb.org/56076nvd
osvdb.org/56077nvd
www.securityfocus.com/bid/35746nvd
exchange.xforce.ibmcloud.com/vulnerabilities/51880nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000