Exploitation Summary
EIP tracks 1 public exploit for CVE-2005-4293. PoCs published by r0t3d3Vil.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in Kryptronic ClickCartPro due to improper input sanitization. The PoC URL injects arbitrary JavaScript code via the 'affl' parameter, which executes in the context of the affected site.
Description
Cross-site scripting (XSS) vulnerability in cp-app.cgi in ClickCartPro (CCP) 5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the affl parameter.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in Kryptronic ClickCartPro due to improper input sanitization. The PoC URL injects arbitrary JavaScript code via the 'affl' parameter, which executes in the context of the affected site.