CVE-2012-6043
php-fusion 7.02.04 - Cross-Site Scripting via downloads.php cat_id Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-6043. PoCs published by Am!r.
AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in PHP-Fusion 7.02.04, where user-supplied input via the 'cat_id' parameter in downloads.php is not properly sanitized. This allows arbitrary script execution in the context of the affected site.
Description
Cross-site scripting (XSS) vulnerability in downloads.php in PHP-Fusion 7.02.04 allows remote attackers to inject arbitrary web script or HTML via the cat_id parameter.
Exploits (1)
The provided text describes a cross-site scripting (XSS) vulnerability in PHP-Fusion 7.02.04, where user-supplied input via the 'cat_id' parameter in downloads.php is not properly sanitized. This allows arbitrary script execution in the context of the affected site.