CVE-2015-1054
Crea8Social 2.0 - Authenticated Stored Cross-Site Scripting via Game Content Field
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2015-1054. PoCs published by Yudhistira B W.
AI-analyzed exploit summary This is a writeup describing a stored XSS vulnerability in Crea8Social v2.0, where an attacker can inject malicious JavaScript via the 'Game Content' field to alter the user interface. The PoC demonstrates the vulnerability but does not include executable exploit code.
Description
Cross-site scripting (XSS) vulnerability in the Games feature in Crea8Social 2.0 allows remote authenticated users to inject arbitrary web script or HTML via the Game Content field in Add Game.
Exploits (1)
This is a writeup describing a stored XSS vulnerability in Crea8Social v2.0, where an attacker can inject malicious JavaScript via the 'Game Content' field to alter the user interface. The PoC demonstrates the vulnerability but does not include executable exploit code.