CVE-2012-5343
Limny 3.0.1 - Cross-Site Scripting via PATH_INFO in admin/login.php
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-5343. PoCs published by Gjoko Krstic.
AI-analyzed exploit summary This exploit demonstrates a reflected XSS vulnerability in Limny 3.0.1 by injecting a malicious script via the URL path. The PoC triggers an alert dialog, proving arbitrary JavaScript execution in the context of the affected site.
Description
Cross-site scripting (XSS) vulnerability in admin/login.php in Limny 3.0.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, related to the "PHP_SELF" variable.
Exploits (1)
This exploit demonstrates a reflected XSS vulnerability in Limny 3.0.1 by injecting a malicious script via the URL path. The PoC triggers an alert dialog, proving arbitrary JavaScript execution in the context of the affected site.