CVE-2012-5341
Otterware StatIt 4 - Cross-Site Scripting via Multiple Parameters
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-5341. PoCs published by sonyy.
AI-analyzed exploit summary The exploit demonstrates multiple XSS vulnerabilities in StatIt 4 by injecting malicious JavaScript payloads via URL parameters. The payloads bypass input sanitization and execute arbitrary script code in the context of the affected site.
Description
Multiple cross-site scripting (XSS) vulnerabilities in statistik.php in Otterware StatIt 4 allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter, (2) show parameter in a stat_tld action, or (3) order parameter in a stat_abfragen action.
Exploits (1)
The exploit demonstrates multiple XSS vulnerabilities in StatIt 4 by injecting malicious JavaScript payloads via URL parameters. The payloads bypass input sanitization and execute arbitrary script code in the context of the affected site.