This page lists publicly disclosed CVE vulnerabilities for resalecode hutscripts_php_website_script from every vulnerable NVD CPE match row for this product, including cases where the versions table cannot show finer version attributes.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2009-2590 | SQL injection vulnerability in showcategory.php in Hutscripts PHP Website Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. | [email protected] | 7.5 | 1.20% | 2009-07-24 | 2026-04-23 |
| CVE-2009-2589 | Multiple cross-site scripting (XSS) vulnerabilities in Hutscripts PHP Website Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) feedback.php, (2) index.php, and (3) lostpassword.php. | [email protected] | 4.3 | 1.34% | 2009-07-24 | 2026-04-23 |