Description
Cross-site scripting (XSS) vulnerability in wholite.cgi in WhoDomLite 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the dom parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Ghost Hacker · textwebappscgi
https://www.exploit-db.com/exploits/32430
References (5)
Core 5
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/32085
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/48630
Exploit, URL Repurposed x_refsource_misc
http://yee7.com/forums/showthread.php?p=8021
Exploit x_refsource_misc
http://www.tryag.com/cc/showthread.php?t=27577
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/31436
Scores
EPSS
0.0053
EPSS Percentile
67.4%
Details
CWE
CWE-79
Status
published
Products (1)
noc2/whodomlite
1.1.3
Published
Oct 24, 2008
Tracked Since
Feb 18, 2026