CVE-2012-5104
UBB.threads <= 7.5.6 - Cross-Site Scripting via Loginname Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-5104. PoCs published by sonyy.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in UBB.threads 7.5.6 by injecting malicious JavaScript into the 'Loginname' parameter of a POST request. The payload bypasses input sanitization and executes arbitrary script code in the context of the affected site.
Description
Cross-site scripting (XSS) vulnerability in forums/ubbthreads.php in UBB.threads 7.5.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the Loginname parameter.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in UBB.threads 7.5.6 by injecting malicious JavaScript into the 'Loginname' parameter of a POST request. The payload bypasses input sanitization and executes arbitrary script code in the context of the affected site.