Description
Cross-site scripting (XSS) vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to inject arbitrary web script or HTML via the siteID parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Pouya_Server · textwebappsphp
https://www.exploit-db.com/exploits/7805
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/48071
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/33324
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/7805
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/48072
Scores
EPSS
0.0313
EPSS Percentile
86.9%
Details
CWE
CWE-79
Status
published
Products (1)
katywhitton/rankem
Published
Jan 22, 2009
Tracked Since
Feb 18, 2026