CVE-2012-2906
Artiphp CMS 5.5.0 Neo - Cross-Site Scripting via artpublic/recommandation/index.php Parameters
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-2906. PoCs published by Gjoko Krstic.
AI-analyzed exploit summary This exploit demonstrates multiple cross-site scripting (XSS) vulnerabilities in Artiphp 5.5.0 Neo by injecting malicious JavaScript payloads into various POST parameters. The payloads trigger when a user interacts with the affected fields, such as hovering over them.
Description
Multiple cross-site scripting (XSS) vulnerabilities in artpublic/recommandation/index.php in Artiphp CMS 5.5.0 Neo (r422) allow remote attackers to inject arbitrary web script or HTML via the (1) add_img_name_post, (2) asciiart_post, (3) expediteur, (4) titre_sav, or (5) z39d27af885b32758ac0e7d4014a61561 parameter.
Exploits (1)
This exploit demonstrates multiple cross-site scripting (XSS) vulnerabilities in Artiphp 5.5.0 Neo by injecting malicious JavaScript payloads into various POST parameters. The payloads trigger when a user interacts with the affected fields, such as hovering over them.