Exploitation Summary
EIP tracks 2 public exploits for CVE-2006-1417. PoCs published by r0t.
AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in Online Quiz System, where user-supplied input is not properly sanitized. The example URL demonstrates how an attacker could inject arbitrary script code via the 'msg' parameter.
Description
Multiple cross-site scripting (XSS) vulnerabilities in Caloris Planitia Online Quiz System (aka Web Quiz pro), possibly 1.0, allow remote attackers to inject arbitrary web script or HTML via the (1) exam parameter in prequiz.asp or (2) msg parameter in student.asp.
Exploits (2)
The provided text describes a cross-site scripting (XSS) vulnerability in Online Quiz System, where user-supplied input is not properly sanitized. The example URL demonstrates how an attacker could inject arbitrary script code via the 'msg' parameter.
The provided text describes a cross-site scripting (XSS) vulnerability in Online Quiz System, where user-supplied input is not properly sanitized. The example URL demonstrates how an attacker could inject arbitrary script code via the 'exam' parameter.