CVE-2012-6510

Netartmedia Car Portal - XSS

Title source: rule

Description

Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media Car Portal 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) PWRS or (2) Description field when posting a new vehicle; (3) news title when creating news; (4) Name when creating a sub user; (5) group name when creating a group; or (6) dealer name, (7) first name, or (8) last name when changing a profile.

Exploits (1)

exploitdb WRITEUP
by Vulnerability-Lab · textwebappsphp
https://www.exploit-db.com/exploits/18801

References (3)

Scores

EPSS 0.0508
EPSS Percentile 89.7%

Details

CWE
CWE-79
Status published
Products (2)
netartmedia/car_portal
n/a/n/a
Published Jan 24, 2013
Tracked Since Feb 18, 2026