CVE-2010-4882
Auto CMS 1.6 - Cross-Site Scripting via Sitetitle Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-4882. PoCs published by High-Tech Bridge SA.
AI-analyzed exploit summary This exploit demonstrates a stored cross-site scripting (XSS) vulnerability in Auto CMS 1.6. The PoC submits a form with malicious JavaScript embedded in the 'sitetitle' field, which executes when rendered by the application.
Description
Cross-site scripting (XSS) vulnerability in autocms.php in Auto CMS 1.6 allows remote attackers to inject arbitrary web script or HTML via the sitetitle parameter.
Exploits (1)
This exploit demonstrates a stored cross-site scripting (XSS) vulnerability in Auto CMS 1.6. The PoC submits a form with malicious JavaScript embedded in the 'sitetitle' field, which executes when rendered by the application.