Exploitation Summary
EIP tracks 1 public exploit for CVE-2004-2413. PoCs published by IMAN Sharafoddin.
AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in Invision Power Board's 'ssi.php' script due to insufficient sanitization of the 'f' parameter. It includes a proof-of-concept URL demonstrating the vulnerability.
Description
SQL injection vulnerability in VP-ASP Shopping Cart 4.0 through 5.0 allows remote attackers to execute arbitrary SQL commands via the (1) Processed0 and (2) Processed1 parameters in a POST request to shopproductselect.asp.
Exploits (1)
The provided text describes a cross-site scripting (XSS) vulnerability in Invision Power Board's 'ssi.php' script due to insufficient sanitization of the 'f' parameter. It includes a proof-of-concept URL demonstrating the vulnerability.