CVE-2004-0032
phpgedview 2.61 - Cross-Site Scripting via Search Firstname Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2004-0032. PoCs published by Windak.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in PhpGedView by injecting a malicious script into the 'firstname' parameter of the search.php page. The script executes in the context of the victim's browser, potentially stealing cookies or performing other malicious actions.
Description
Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote attackers to inject arbitrary HTML and web script via the firstname parameter.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in PhpGedView by injecting a malicious script into the 'firstname' parameter of the search.php page. The script executes in the context of the victim's browser, potentially stealing cookies or performing other malicious actions.