Exploitation Summary
EIP tracks 1 public exploit for CVE-2011-4540. PoCs published by Dognædis.
AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in AtMail 1.0.4, where user-supplied input is not properly sanitized. It includes example URLs demonstrating the vulnerability but lacks executable exploit code.
Description
Multiple cross-site scripting (XSS) vulnerabilities in AtMail Open (aka AtMail Open-Source edition) 1.04 allow remote attackers to inject arbitrary web script or HTML via the func parameter to (1) ldap.php or (2) search.php.
Exploits (1)
The provided text describes a cross-site scripting (XSS) vulnerability in AtMail 1.0.4, where user-supplied input is not properly sanitized. It includes example URLs demonstrating the vulnerability but lacks executable exploit code.