VYPR
Unrated severityNVD Advisory· Published Oct 27, 2010· Updated Jun 16, 2026

CVE-2010-4097

CVE-2010-4097

Description

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Aardvark Topsites PHP 5.2.0 and 5.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) mail, (2) title, (3) u, and (4) url parameters. NOTE: the q parameter is already covered by CVE-2009-2302.

Affected products

3
  • cpe:2.3:a:avatic:aardvark_topsites_php:5.2.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:avatic:aardvark_topsites_php:5.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:avatic:aardvark_topsites_php:5.2.1:*:*:*:*:*:*:*
  • Range: 5.2.0, 5.2.1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.