CVE-2005-4161
milliscripts 1.4 - Cross-Site Scripting via Domainname Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-4161. PoCs published by Security Nation.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in MilliScripts due to improper input validation. The PoC shows how an attacker can inject arbitrary script code via the 'domainname' parameter in the registration process.
Description
Multiple cross-site scripting (XSS) vulnerabilities in MilliScripts 1.4 redirect script allow remote attackers to inject arbitrary web script or HTML via the domainname parameter to register.php, and other unspecified vectors. NOTE: the vendor has disputed this issue, stating "No invalid input can reach the script.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in MilliScripts due to improper input validation. The PoC shows how an attacker can inject arbitrary script code via the 'domainname' parameter in the registration process.