Exploitation Summary
EIP tracks 1 public exploit for CVE-2012-2911. PoCs published by LiquidWorm.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in backupDB() 1.2.7a by injecting a malicious script via the 'onlyDB' parameter. The script executes in the context of the affected site, potentially stealing cookie-based authentication credentials.
Description
Cross-site scripting (XSS) vulnerability in backupDB.php in SiliSoftware backupDB() 1.2.7a allows remote attackers to inject arbitrary web script or HTML via the onlyDB parameter.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in backupDB() 1.2.7a by injecting a malicious script via the 'onlyDB' parameter. The script executes in the context of the affected site, potentially stealing cookie-based authentication credentials.