CVE-2008-3937

This exploit demonstrates a cross-site scripting (XSS) vulnerability in Open Media Collectors Database (OpenDb) 1.0.6. The vulnerability arises from insufficient sanitization of user-supplied input in the 'title' parameter, allowing arbitrary JavaScript execution in the context of the affected site.

This exploit demonstrates a cross-site scripting (XSS) vulnerability in Open Media Collectors Database (OpenDb) by injecting arbitrary JavaScript code via the 'redirect_url' parameter in the user_profile.php page. The PoC uses a simple 'alert(document.cookie)' payload to confirm the vulnerability.

This exploit demonstrates a reflected XSS vulnerability in Open Media Collectors Database (OpenDb) by injecting malicious JavaScript via the 'user_id' parameter in the 'user_admin.php' script. The PoC uses an img tag with an onerror event to execute arbitrary JavaScript, such as stealing cookies.