CVE-2006-0110

Foro Domus 2.10 - Cross-Site Scripting via Email Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-0110. PoCs published by Aliaksandr Hartsuyeu.

AI-analyzed exploit summary The provided text describes a vulnerability in Foro Domus version 2.10, specifically an XSS issue due to improper input sanitization. It includes an example URI demonstrating the exploit but does not contain executable code.

Description

Cross-site scripting (XSS) vulnerability in escribir.php in Foro Domus 2.10 allows remote attackers to inject arbitrary web script via the email parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Aliaksandr Hartsuyeu · textwebappsphp

https://www.exploit-db.com/exploits/27033

View Code ZIP pw:eip

The provided text describes a vulnerability in Foro Domus version 2.10, specifically an XSS issue due to improper input sanitization. It includes an example URI demonstrating the exploit but does not contain executable code.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Theoretical

Target: Foro Domus 2.10

No auth needed

Prerequisites: Access to the vulnerable application

MITRE ATT&CK