CVE-2011-4564
Active CMS 1.2 - Cross-Site Scripting via Admin Script Mod Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2011-4564. PoCs published by Stefan Schurtz.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in Active CMS 1.2.0 by injecting a malicious script into the 'mod' parameter of the admin module. The script executes arbitrary JavaScript in the context of the affected site, potentially stealing cookies or performing other malicious actions.
Description
Cross-site scripting (XSS) vulnerability in the admin script in Active CMS 1.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter in a module action.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in Active CMS 1.2.0 by injecting a malicious script into the 'mod' parameter of the admin module. The script executes arbitrary JavaScript in the context of the affected site, potentially stealing cookies or performing other malicious actions.