CVE-2010-4976
MetInfo 3.0 - Cross-Site Scripting via Search Box Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-4976. PoCs published by anT!-Tr0J4n.
AI-analyzed exploit summary This is a writeup describing multiple vulnerabilities in MetInfo 3.0, including directory traversal for file disclosure and XSS. It provides example URLs but no functional exploit code.
Description
Cross-site scripting (XSS) vulnerability in search/search.php in MetInfo 3.0 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter (aka Search Box field). NOTE: some of these details are obtained from third party information.
Exploits (1)
This is a writeup describing multiple vulnerabilities in MetInfo 3.0, including directory traversal for file disclosure and XSS. It provides example URLs but no functional exploit code.