Exploitation Summary
EIP tracks 1 public exploit for CVE-2012-2274. PoCs published by High-Tech Bridge SA.
AI-analyzed exploit summary This exploit demonstrates a reflected XSS vulnerability in PivotX by injecting a JavaScript payload via the 'file' parameter in ajaxhelper.php. The payload executes arbitrary script code in the context of the affected site.
Description
Cross-site scripting (XSS) vulnerability in pivotx/ajaxhelper.php in PivotX 2.3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the file parameter.
Exploits (1)
This exploit demonstrates a reflected XSS vulnerability in PivotX by injecting a JavaScript payload via the 'file' parameter in ajaxhelper.php. The payload executes arbitrary script code in the context of the affected site.