CVE-2003-1372
myPHPNuke 1.8.8 - Cross-Site Scripting via ratenum or query Parameters
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2003-1372. PoCs published by Tacettin Karadeniz.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in myPHPNuke's 'links.php' due to insufficient HTML filtering. The PoC provides URLs that inject malicious script code, which executes in the context of the victim's browser.
Description
Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in myPHPNuke's 'links.php' due to insufficient HTML filtering. The PoC provides URLs that inject malicious script code, which executes in the context of the victim's browser.