CVE-2005-0629
427BB 2.2 - Cross-Site Scripting via User or Avatar Parameters
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-0629. PoCs published by Hackerlounge Research Group.
AI-analyzed exploit summary The provided text describes an HTML injection vulnerability in 427BB, where unsanitized user input in the 'user' parameter of profile.php can be exploited to inject arbitrary HTML or script code. This could lead to cookie theft or other client-side attacks.
Description
Multiple cross-site scripting (XSS) vulnerabilities in profile.php in 427BB 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) Avatar parameters.
Exploits (1)
The provided text describes an HTML injection vulnerability in 427BB, where unsanitized user input in the 'user' parameter of profile.php can be exploited to inject arbitrary HTML or script code. This could lead to cookie theft or other client-side attacks.