CVE-2009-0248
Katy Whitton RankEm - Cross-Site Scripting via siteID Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2009-0248. PoCs published by Pouya_Server.
AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in RankEm software, including direct database download (info_leak), XSS, and cookie manipulation via crafted URLs. It provides functional PoC URLs for each vulnerability type.
Description
Cross-site scripting (XSS) vulnerability in rankup.asp in Katy Whitton RankEm allows remote attackers to inject arbitrary web script or HTML via the siteID parameter.
Exploits (1)
The exploit demonstrates multiple vulnerabilities in RankEm software, including direct database download (info_leak), XSS, and cookie manipulation via crafted URLs. It provides functional PoC URLs for each vulnerability type.