Vulnerabilities (CVE)

Filtered by vendor Hotaru Subscribe
Filtered by product Hotaru Cms
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-4709 1 Hotaru 2 Hotaru Cms, Search Plugin 2024-02-04 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Hotaru.php in the Search plugin 1.3 for Hotaru CMS allow remote attackers to inject arbitrary web script or HTML via the (1) SITE_NAME parameter to admin_index.php, or the (2) return and (3) search parameters to index.php. NOTE: some of these details are obtained from third party information.