CVE-2008-6061
Techsmith Camtasia Studio < 4.0.2 - Cross-Site Scripting via csPreloader Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2008-6061. PoCs published by Rich Cannings.
AI-analyzed exploit summary The exploit describes a remote code execution vulnerability in Camtasia Studio due to improper input sanitization. The provided URL demonstrates how an attacker can inject a malicious SWF file via the 'csPreloader' parameter.
Description
Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) controller files created by Techsmith Camtasia Studio before 5 allows remote attackers to inject arbitrary additional SWF content via a URL in the csPreloader parameter.
Exploits (1)
The exploit describes a remote code execution vulnerability in Camtasia Studio due to improper input sanitization. The provided URL demonstrates how an attacker can inject a malicious SWF file via the 'csPreloader' parameter.