CVE-2011-4709

EPSS 7.84% · P92 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2011-4709

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in Hotaru.php in the Search plugin 1.3 for Hotaru CMS allow remote attackers to inject arbitrary web script or HTML via the (1) SITE_NAME parameter to admin_index.php, or the (2) return and (3) search parameters to index.php. NOTE: some of these details are obtained from third party information.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Hotaru CMS Search插件多个跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Hotaru CMS的Search插件1.3版本的Hotaru.php中存在多个跨站脚本漏洞。远程攻击者可借助SITE_NAME参数或search参数注入任意web脚本或者HTML。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2011-4709

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2011-4709

请登录查看更多情报信息。

http://www.zeroscience.mk/codes/hotarucms_xss.txtx_refsource_MISC
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5057.phpx_refsource_MISC
http://secunia.com/advisories/46842third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/71302vdb-entryx_refsource_XF
https://exchange.xforce.ibmcloud.com/vulnerabilities/71300vdb-entryx_refsource_XF
https://exchange.xforce.ibmcloud.com/vulnerabilities/71301vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2011-4709

Same Patch Batch · n/a · 2011-12-08 · 22 CVEs total

CVE-2011-4713		osCSS2 ‘catalog/content.php’目录遍历漏洞
CVE-2011-4539		ISC DHCP 拒绝服务漏洞
CVE-2011-4265		phpWebSite 跨站脚本漏洞
CVE-2011-4264		Etomite跨站脚本漏洞
CVE-2011-4054		CA SiteMinder ‘login.fcc’ 跨站脚本漏洞
CVE-2011-3636		Red Hat FreeIPA 跨站请求伪造漏洞
CVE-2011-3179		Novell Messenger Server Process 信息泄露漏洞
CVE-2011-2653		Novell ZENWorks Asset Management ‘rtrlet’组件目录遍历漏洞
CVE-2011-4716		DreamBox 目录遍历漏洞
CVE-2011-4715		Koha ‘cgi-bin/koha/mainpage.pl’目录遍历漏洞
CVE-2011-4714		Virtual Vertex Muster目录遍历漏洞
CVE-2011-0291		BlackBerry PlayBook 平板电脑软件本地权限提升漏洞
CVE-2011-4712		Oxide WebServer目录遍历漏洞
CVE-2011-4711		Namazu lang/result参数多个目录遍历漏洞
CVE-2011-4710		Pixie CMS 多个SQL注入漏洞
CVE-2011-4708		IBM Rational Asset Manager跨站脚本漏洞
CVE-2011-4707		SAP Netweaver多个跨站脚本漏洞
CVE-2011-2917		Mambo CMS ‘administrator/index2.php’SQL注入漏洞
CVE-2011-4315		F5 Nginx 缓冲区错误漏洞
CVE-2011-4128		GnuTLS ‘gnutls_session_get_data()’ 缓冲区溢出漏洞

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2011-4709

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2011-4709

I. Basic Information for CVE-2011-4709

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2011-4709

III. Intelligence Information for CVE-2011-4709

Same Patch Batch · n/a · 2011-12-08 · 22 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2011-4709

Leave a comment