CVE-2009-5103
ATCOM Netvolution 1.0 ASP - Cross-Site Scripting via Email Variable
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2009-5103. PoCs published by Ellinas.
AI-analyzed exploit summary This exploit demonstrates SQL injection and XSS vulnerabilities in CMS netvolution v1.0. The SQLi allows extraction of database version, usernames, and passwords via error-based techniques, while the XSS is triggered via the 'email' parameter.
Description
Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable.
Exploits (1)
This exploit demonstrates SQL injection and XSS vulnerabilities in CMS netvolution v1.0. The SQLi allows extraction of database version, usernames, and passwords via error-based techniques, while the XSS is triggered via the 'email' parameter.