{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T23:58:54.582","vulnerabilities":[{"cve":{"id":"CVE-2009-0971","sourceIdentifier":"cve@mitre.org","published":"2009-03-19T10:30:00.610","lastModified":"2025-04-09T00:30:58.490","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in futomi's CGI Cafe Access Analyzer CGI Standard Version 3.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors."},{"lang":"es","value":"Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en futomi's CGI Cafe Access Analyzer CGI Standard Version v3.8.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de vectores desconocidos."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:*:*:std:*:*:*:*:*","versionEndIncluding":"3.8.1","matchCriteriaId":"F6175713-CFAA-415D-87D8-F54EB2FC91AF"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:1.1:*:std:*:*:*:*:*","matchCriteriaId":"20ABFF4F-26C3-461D-9F38-6B8DE57B2782"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:1.2:*:std:*:*:*:*:*","matchCriteriaId":"FA7F7688-CD90-46B7-9AB2-D52A57C5BA81"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:1.3:*:std:*:*:*:*:*","matchCriteriaId":"0490EFA6-AEAB-4F11-B679-B9DC1245EFF5"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:1.4:*:std:*:*:*:*:*","matchCriteriaId":"6974958E-E0C9-4AB5-AE67-B8A2483772A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:2.0:*:std:*:*:*:*:*","matchCriteriaId":"B2375FDF-B383-44BC-A2DF-F71416790EBE"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:2.1:*:std:*:*:*:*:*","matchCriteriaId":"629AAD4C-BB24-4F13-8EAD-6081964470F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:2.2:*:std:*:*:*:*:*","matchCriteriaId":"A70FB601-1673-447E-8FF0-4B6EAB44C602"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:2.3:*:std:*:*:*:*:*","matchCriteriaId":"74956E00-B195-488B-8CDF-7497D238629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:2.4:*:std:*:*:*:*:*","matchCriteriaId":"5DAB8541-7F13-4D7F-9313-B2242BA8EEF1"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:3.0:*:std:*:*:*:*:*","matchCriteriaId":"9108EF94-DDBB-4F07-B83C-9CAFD7821BD3"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:3.1:*:std:*:*:*:*:*","matchCriteriaId":"F566B688-0734-4C28-9BF1-CAD72C910568"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:3.2:*:std:*:*:*:*:*","matchCriteriaId":"8AD08FFB-D51A-4A93-A0FC-14F2F8AE80B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:3.3:*:std:*:*:*:*:*","matchCriteriaId":"D4BF8DD9-C511-46B2-AA71-83E0D214591C"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:3.4:*:std:*:*:*:*:*","matchCriteriaId":"845055EE-C586-4238-A6D9-9A72F4F302B1"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:3.5:*:std:*:*:*:*:*","matchCriteriaId":"E522C8B4-EF1C-44BF-B7F3-27E36AE975A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:3.6:*:std:*:*:*:*:*","matchCriteriaId":"567641E9-8618-48B8-83CD-25AF4C7A27D4"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:3.7:*:std:*:*:*:*:*","matchCriteriaId":"04260F18-1816-4347-83E0-6CE9C736841F"},{"vulnerable":true,"criteria":"cpe:2.3:a:futomi:access_analyzer_cgi:3.8:*:std:*:*:*:*:*","matchCriteriaId":"002162F2-C5AD-48AE-96D9-1A4D95E2F763"}]}]}],"references":[{"url":"http://jvn.jp/en/jp/JVN23558374/index.html","source":"cve@mitre.org"},{"url":"http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000015.html","source":"cve@mitre.org"},{"url":"http://osvdb.org/52802","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/34271","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.futomi.com/library/info/2009/20090316.html","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/34123","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2009/0737","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/49264","source":"cve@mitre.org"},{"url":"http://jvn.jp/en/jp/JVN23558374/index.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000015.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://osvdb.org/52802","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/34271","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.futomi.com/library/info/2009/20090316.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/34123","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2009/0737","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/49264","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}