CVE-2012-2099
Wikidforum 2.10 - Cross-Site Scripting via Search Field or Advanced Search Parameters
Title source: llmExploitation Summary
EIP tracks 2 public exploits for CVE-2012-2099. PoCs published by Stefan Schurtz.
AI-analyzed exploit summary The provided text describes SQL injection and XSS vulnerabilities in Wikidforum 2.10 due to insufficient input sanitization. It includes a basic XSS payload example for the search field.
Description
Multiple cross-site scripting (XSS) vulnerabilities in Wikidforum 2.10 allow remote attackers to inject arbitrary web script or HTML via the (1) search field, or the (2) Author or (3) select_sort parameters in an advanced search.
Exploits (2)
The provided text describes SQL injection and XSS vulnerabilities in Wikidforum 2.10 due to insufficient input sanitization. It includes a basic XSS payload example for the search field.
The provided text describes SQL injection and XSS vulnerabilities in Wikidforum 2.10, detailing specific attack vectors in the search functionality. It includes example payloads for XSS but does not contain executable exploit code.