CVE-2012-6510

NetArt Media Car Portal 3.0 - Stored Cross-Site Scripting via Multiple Input Fields

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-6510. PoCs published by Vulnerability-Lab.

AI-analyzed exploit summary This is a detailed vulnerability writeup for CVE-2012-6510, describing multiple web vulnerabilities in Car Portal CMS v3.0, including persistent XSS, CSRF, and arbitrary file upload. It provides proof-of-concept examples but does not include executable exploit code.

Description

Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media Car Portal 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) PWRS or (2) Description field when posting a new vehicle; (3) news title when creating news; (4) Name when creating a sub user; (5) group name when creating a group; or (6) dealer name, (7) first name, or (8) last name when changing a profile.

Exploits (1)

exploitdb WRITEUP
by Vulnerability-Lab · textwebappsphp
https://www.exploit-db.com/exploits/18801

This is a detailed vulnerability writeup for CVE-2012-6510, describing multiple web vulnerabilities in Car Portal CMS v3.0, including persistent XSS, CSRF, and arbitrary file upload. It provides proof-of-concept examples but does not include executable exploit code.

Classification
Writeup 100%
Attack Type
Xss | Csrf | Other
Complexity
Moderate
Reliability
Theoretical
Target: Car Portal CMS v3.0
Auth required
Prerequisites: Access to vulnerable modules · Admin or user session for CSRF · File upload permissions
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/53267

Scores

EPSS 0.0164
EPSS Percentile 73.5%

Details

CWE
CWE-79
Status published
Products (1)
netartmedia/car_portal 3.0
Published Jan 24, 2013
Tracked Since Feb 18, 2026