Exploitation Summary
EIP tracks 2 public exploits for CVE-2010-0936. PoCs published by POPCORN.
AI-analyzed exploit summary The exploit describes a cross-site scripting (XSS) vulnerability in D-LINK DKVM-IP8 due to improper input sanitization in the 'nickname' POST variable. The provided example demonstrates how arbitrary script code can be executed in the context of the affected site.
Description
Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote attackers to inject arbitrary web script or HTML via the nickname parameter.
Exploits (2)
The exploit describes a cross-site scripting (XSS) vulnerability in D-LINK DKVM-IP8 due to improper input sanitization in the 'nickname' POST variable. The provided example demonstrates how arbitrary script code can be executed in the context of the affected site.
This exploit demonstrates a Cross-Site Scripting (XSS) vulnerability in D-LINK DKVM-IP8 by injecting malicious input into the 'nickname' POST parameter. The payload '1>">">' is designed to break out of HTML attributes and inject arbitrary script code.