CVE-2011-5177
eSyndiCat Pro 2.3.05 - Cross-Site Scripting via Admin Controller Parameters
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2011-5177. PoCs published by d3v1l.
AI-analyzed exploit summary The provided text describes multiple XSS vulnerabilities in eSyndiCat Pro 2.3.05 due to improper input sanitization. It includes example URLs demonstrating the vulnerabilities but does not contain executable exploit code.
Description
Multiple cross-site scripting (XSS) vulnerabilities in admin/controller.php in eSyndiCat Pro 2.3.05 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to the admins (2) blocks, (3) articles, or (4) suggest-category; or (5) sort parameter to the search page.
Exploits (1)
The provided text describes multiple XSS vulnerabilities in eSyndiCat Pro 2.3.05 due to improper input sanitization. It includes example URLs demonstrating the vulnerabilities but does not contain executable exploit code.