CVE-2006-6851
ac4p Mobilelib gold 2 - Cross-Site Scripting via Email or Error Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-6851. PoCs published by viP HaCKEr.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in Mobilelib GOLD by injecting arbitrary JavaScript via the 'email' and 'errr' parameters in the contact_us.php page. The PoC uses URL-encoded script tags to execute external JavaScript from a malicious domain.
Description
Multiple cross-site scripting (XSS) vulnerabilities in contact_us.php in ac4p Mobilelib gold 2 allow remote attackers to inject arbitrary web script or HTML via the (1) email or (2) errr parameter.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in Mobilelib GOLD by injecting arbitrary JavaScript via the 'email' and 'errr' parameters in the contact_us.php page. The PoC uses URL-encoded script tags to execute external JavaScript from a malicious domain.