CVE-2012-6505
PHP Volunteer Management 1.0.2 - Cross-Site Scripting via id Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-6505. PoCs published by G13.
AI-analyzed exploit summary This is a writeup detailing XSS and SQL injection vulnerabilities in PHP Volunteer Management 1.0.2. It includes PoC URLs demonstrating reflective XSS and time-based SQLi via the 'id' parameter in get_hours.php.
Description
Cross-site scripting (XSS) vulnerability in mods/hours/data/get_hours.php in PHP Volunteer Management 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Exploits (1)
This is a writeup detailing XSS and SQL injection vulnerabilities in PHP Volunteer Management 1.0.2. It includes PoC URLs demonstrating reflective XSS and time-based SQLi via the 'id' parameter in get_hours.php.