CVE-2006-1893
ar-blog 5.2 - Cross-Site Scripting via Print.php ID Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-1893. PoCs published by ALMOKANN3.
AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in ar-blog version 5.2, where user-supplied input is not properly sanitized. The example demonstrates a basic XSS payload injected via the 'id' parameter in print.php.
Description
Cross-site scripting (XSS) vulnerability in print.php in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Exploits (1)
The provided text describes a cross-site scripting (XSS) vulnerability in ar-blog version 5.2, where user-supplied input is not properly sanitized. The example demonstrates a basic XSS payload injected via the 'id' parameter in print.php.