CVE-2010-5046

ecoCMS - Cross-Site Scripting via Admin.php p Parameter

Title source: llm

Cross-site scripting (XSS) vulnerability in admin.php in ecoCMS allows remote attackers to inject arbitrary web script or HTML via the p parameter.

exploitdb WORKING POC VERIFIED

by High-Tech Bridge SA · textwebappsphp

Core 7

Core References

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

Exploit, Third Party Advisory x_refsource_misc

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

Vendor Advisory third-party-advisory x_refsource_secunia

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

Vendor Advisory x_refsource_misc

EPSS 0.0630

EPSS Percentile 91.1%

CWE

CWE-79

Status published

Products (1)

ecocms/ecocms

Published Nov 23, 2011

Tracked Since Feb 18, 2026