CVE-2012-2570
X-Cart Gold 4.5 - Cross-Site Scripting via products_map.php symb Parameter
Title source: llmExploitation Summary
EIP tracks 2 public exploits for CVE-2012-2570. PoCs published by muts, Am!r.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in X-Cart Gold 4.5 via the 'symb' parameter in 'products_map.php'. The payload bypasses incomplete XSS filtering using URL encoding and HTML anchor methods.
Description
Cross-site scripting (XSS) vulnerability in products_map.php in X-Cart Gold 4.5 allows remote attackers to inject arbitrary web script or HTML via the symb parameter.
Exploits (2)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in X-Cart Gold 4.5 via the 'symb' parameter in 'products_map.php'. The payload bypasses incomplete XSS filtering using URL encoding and HTML anchor methods.
This is a vulnerability writeup describing an arbitrary file upload vulnerability in the chenpress plugin for WordPress. The issue arises due to insufficient input sanitization, allowing attackers to upload and execute arbitrary code.