CVE-2011-4561
Phorum 5.2.18 - Cross-Site Scripting via PATH_INFO to admin/index.php
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2011-4561. PoCs published by Stefan Schurtz.
AI-analyzed exploit summary This exploit demonstrates a reflected XSS vulnerability in Phorum 5.2.18 by injecting malicious JavaScript into the admin URL path, which executes arbitrary script code in the context of the affected site.
Description
Cross-site scripting (XSS) vulnerability in admin.php in Phorum 5.2.18 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/index.php. NOTE: some of these details are obtained from third party information.
Exploits (1)
This exploit demonstrates a reflected XSS vulnerability in Phorum 5.2.18 by injecting malicious JavaScript into the admin URL path, which executes arbitrary script code in the context of the affected site.