Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-1582. PoCs published by Amine ABOUD.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in Blank'N'Berg 0.2 by injecting a script tag into the `_path` parameter, which executes arbitrary JavaScript in the context of the affected site.
Description
Cross-site scripting (XSS) vulnerability in index.php in Blank'N'Berg 0.2 allows remote attackers to inject arbitrary web script or HTML via the _path parameter. NOTE: this might be resultant from the directory traversal issue.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in Blank'N'Berg 0.2 by injecting a script tag into the `_path` parameter, which executes arbitrary JavaScript in the context of the affected site.