EXPLOITDB-EDB-35297

EXPLOITDB text VERIFIED WRITEUP

Exploit for CVE-2011-4280 - Spike PHPCoverage <2.0.2 - XSS

AI Analysis

The provided text describes a cross-site scripting (XSS) vulnerability in Moodle versions prior to 2.0.1, where user-supplied input is not properly sanitized. The exploit involves injecting malicious scripts via the `PHPCOVERAGE_HOME` parameter in a specific URL.

Attack Type

XSS

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1059.007 - JavaScript

Loading exploit code...

Download ZIP Password: eip

Source

Platform Exploitdb

Type webapps

Platform php

Language text

Files 1

https://www.exploit-db.com/exploits/35297

Authors

AutoSec Tools

Vulnerability

CVE-2011-4280

Spike PHPCoverage <2.0.2 - XSS