CVE-2011-5185

Realmatrix Online Subtitles Workshop < 2.0 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in video_comments.php in Online Subtitles Workshop before 2.0 rev 131 allows remote attackers to inject arbitrary web script or HTML via the comment parameter.

Exploits (1)

exploitdb WORKING POC

by M.Jock3R · textwebappsphp

https://www.exploit-db.com/exploits/18035

View Code ZIP pw:eip

References (2)

Core 2

Core References

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/18035

Patch x_refsource_confirm

http://onlinesubtitles.svn.sourceforge.net/viewvc/onlinesubtitles/video_comments.php?r1=31&r2=131&pathrev=146

Scores

EPSS 0.0076

EPSS Percentile 73.4%

Details

CWE

CWE-79

Status published

Products (1)

realmatrix/online_subtitles_workshop < 2.0

Published Sep 20, 2012

Tracked Since Feb 18, 2026