CVE-2012-0989
OneOrZero AIMS 2.8.0 Trial Edition build231211 - Cross-Site Scripting via PATH_INFO to index.php
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-0989. PoCs published by High-Tech Bridge SA.
AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in OneOrZero AIMS 2.8.0 Trial build 231211. It includes a proof-of-concept URL demonstrating the vulnerability by injecting a script tag to execute arbitrary JavaScript in the context of the affected site.
Description
Cross-site scripting (XSS) vulnerability in OneOrZero AIMS 2.8.0 Trial Edition build231211 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.
Exploits (1)
The provided text describes a cross-site scripting (XSS) vulnerability in OneOrZero AIMS 2.8.0 Trial build 231211. It includes a proof-of-concept URL demonstrating the vulnerability by injecting a script tag to execute arbitrary JavaScript in the context of the affected site.