CVE-2012-0899
Annuaire PHP - Cross-Site Scripting via referencement/sites_inscription.php url Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-0899. PoCs published by Atmon3r.
AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in Annuaire PHP, where user-supplied data is not properly sanitized. The example URL demonstrates how an attacker could inject malicious script code via the 'nom' and 'url' parameters.
Description
Cross-site scripting (XSS) vulnerability in referencement/sites_inscription.php in Annuaire PHP allows remote attackers to inject arbitrary web script or HTML via the url parameter and possibly the nom parameter.
Exploits (1)
The provided text describes a cross-site scripting (XSS) vulnerability in Annuaire PHP, where user-supplied data is not properly sanitized. The example URL demonstrates how an attacker could inject malicious script code via the 'nom' and 'url' parameters.