CVE-2005-0270

ReviewPost PHP Pro < 2.84 - Cross-Site Scripting via si, cat, page, or report Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0270. PoCs published by GulfTech Security.

AI-analyzed exploit summary This is a vulnerability advisory detailing multiple issues in ReviewPost <= 2.84, including XSS, SQL injection, and arbitrary file upload vulnerabilities. It provides URLs and parameters for exploitation but does not include functional exploit code.

Description

Multiple cross-site scripting (XSS) vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to inject arbitrary web script or HTML via the (1) si parameter to showcat.php, (2) cat or (3) page parameter to showproduct.php, or (4) report parameter to reportproduct.php.

Exploits (1)

exploitdb WRITEUP
by GulfTech Security · textwebappsphp
https://www.exploit-db.com/exploits/43821

This is a vulnerability advisory detailing multiple issues in ReviewPost <= 2.84, including XSS, SQL injection, and arbitrary file upload vulnerabilities. It provides URLs and parameters for exploitation but does not include functional exploit code.

Classification
Writeup 100%
Attack Type
Xss | Sqli | Other
Complexity
Trivial
Reliability
Theoretical
Target: ReviewPost <= 2.84
No auth needed
Prerequisites: Access to vulnerable ReviewPost installation
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18731
Exploit, Vendor Advisory x_refsource_misc
http://www.gulftech.org/?node=research&article_id=00062-01022005
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/13697/
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110485682424110&w=2

Scores

EPSS 0.0175
EPSS Percentile 74.9%

Details

Status published
Products (4)
photopost/reviewpost_php_pro 1.0.2
photopost/reviewpost_php_pro 2.5
photopost/reviewpost_php_pro 2.5.1
photopost/reviewpost_php_pro < 2.84
Published May 02, 2005
Tracked Since Feb 18, 2026