EXPLOITDB-EDB-32933

EXPLOITDB text VERIFIED WORKING POC

Exploit for CVE-2009-4926 - Esoftpro Online Contact Manager - XSS

AI Analysis

This exploit demonstrates a cross-site scripting (XSS) vulnerability in Online Contact Manager 3.0 by injecting a script tag into the 'showGroup' parameter. The PoC shows how arbitrary JavaScript can be executed in the context of the affected site.

Attack Type

XSS

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1059.007 - JavaScript

Loading exploit code...

Download ZIP Password: eip

Source

Platform Exploitdb

Type webapps

Platform php

Language text

Files 1

https://www.exploit-db.com/exploits/32933

Authors

Vrs-hCk

Vulnerability

CVE-2009-4926

Esoftpro Online Contact Manager - XSS