Exploitation Summary
EIP tracks 1 public exploit for CVE-2002-0948. PoCs published by b0iler.
AI-analyzed exploit summary The exploit demonstrates HTML and SSI injection vulnerabilities in MakeBook guestbook software due to insufficient input sanitization. It provides examples of arbitrary HTML and Server-Side Includes (SSI) injection, which could lead to XSS or command execution depending on the server configuration.
Description
Scripts For Educators MakeBook 2.2 CGI program allows remote attackers to execute script as other visitors, or execute server-side includes (SSI) as the web server, via the (1) Name or (2) Email parameters, which are not properly filtered.
Exploits (1)
The exploit demonstrates HTML and SSI injection vulnerabilities in MakeBook guestbook software due to insufficient input sanitization. It provides examples of arbitrary HTML and Server-Side Includes (SSI) injection, which could lead to XSS or command execution depending on the server configuration.