Unrated severityNVD Advisory· Published Oct 27, 2010· Updated Jun 16, 2026
CVE-2010-4097
CVE-2010-4097
Description
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Aardvark Topsites PHP 5.2.0 and 5.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) mail, (2) title, (3) u, and (4) url parameters. NOTE: the q parameter is already covered by CVE-2009-2302.
Affected products
3cpe:2.3:a:avatic:aardvark_topsites_php:5.2.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:avatic:aardvark_topsites_php:5.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:avatic:aardvark_topsites_php:5.2.1:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.