Description
Cross-site scripting (XSS) vulnerability in autocms.php in Auto CMS 1.6 allows remote attackers to inject arbitrary web script or HTML via the sitetitle parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by High-Tech Bridge SA · textwebappsphp
https://www.exploit-db.com/exploits/34533
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/513361/100/0/threaded
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/8434
Exploit x_refsource_misc
http://www.htbridge.ch/advisory/xss_vulnerability_in_auto_cms.html
Scores
EPSS
0.0292
EPSS Percentile
86.5%
Details
CWE
CWE-79
Status
published
Products (1)
ventics/auto_cms
1.6
Published
Oct 07, 2011
Tracked Since
Feb 18, 2026