CVE-2012-1039
Dotclear < 2.4.2 - Cross-Site Scripting via Multiple Admin Parameters
Title source: llmExploitation Summary
EIP tracks 4 public exploits for CVE-2012-1039. PoCs published by High-Tech Bridge SA.
AI-analyzed exploit summary This exploit demonstrates a reflected XSS vulnerability in Dotclear 2.4.1.2 by injecting arbitrary JavaScript code via the 'tag' parameter in the admin plugin interface. The payload executes an alert with the user's cookies, proving the vulnerability.
Description
Multiple cross-site scripting (XSS) vulnerabilities in Dotclear before 2.4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) login_data parameter to admin/auth.php; (2) nb parameter to admin/blogs.php; (3) type, (4) sortby, (5) order, or (6) status parameters to admin/comments.php; or (7) page parameter to admin/plugin.php.
Exploits (4)
This exploit demonstrates a reflected XSS vulnerability in Dotclear 2.4.1.2 by injecting arbitrary JavaScript code via the 'tag' parameter in the admin plugin interface. The payload executes an alert with the user's cookies, proving the vulnerability.
This exploit demonstrates multiple XSS vulnerabilities in Dotclear by injecting JavaScript via URL parameters. The PoC shows how unsanitized input in the admin interface can lead to arbitrary script execution.
This exploit demonstrates a reflected XSS vulnerability in Dotclear by injecting a malicious script via the 'nb' parameter in the admin/blogs.php page. The PoC uses a simple alert to display the user's cookies, proving the vulnerability.
This exploit demonstrates a cross-site scripting (XSS) vulnerability in Dotclear by injecting malicious JavaScript into the 'login_data' parameter. The PoC submits a form with crafted input to trigger the XSS, potentially stealing cookies or performing other client-side attacks.