ecoCMS 18.4.2010 'admin.php' Cross Site Scripting Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register from urlparse import urljoin class TestPOCPOCBase: vulID = 'SSV-87089' vul ID version = '1' author = 'fenghh' vulDate =...

CVE-2010-5046

Cross-site scripting XSS vulnerability in admin.php in ecoCMS allows remote attackers to inject arbitrary web script or HTML via the p parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in admin.php in ecoCMS allows remote attackers to inject arbitrary web script or HTML via the p parameter...

CVE-2010-5046

CVE-2010-5046 is a Cross‑Site Scripting (XSS) flaw in ecoCMS: the admin.php script vulnerable via the p parameter allows remote attackers to inject arbitrary script/HTML. The vulnerability affects ecoCMS’ admin page and can be triggered by crafting requests to admin.php?p=…; exploitation details ...

CVE-2010-5046

Cross-site scripting XSS vulnerability in admin.php in ecoCMS allows remote attackers to inject arbitrary web script or HTML via the p parameter...

ecoCMS 18.4.2010 - admin.php Cross-Site Scripting

ecoCMS 18.4.2010 - admin.php Cross-Site Scripting source: https://www.securityfocus.com/bid/39901/info ecoCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

ecoCMS 18.4.2010 - 'admin.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/39901/info ecoCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

ecoCMS Cross Site Scripting

Vulnerability ID: HTB22353 Reference: http://www.htbridge.ch/advisory/xssinecocms.html Product: ecoCMS Vendor: ecoCMS Team Vulnerable Version: Current at 18.04.2010 and Probably Prior Versions Vendor Notification: 18 April 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendo...

XSS in ecoCMS

Vulnerability ID: HTB22353 Reference: http://www.htbridge.ch/advisory/xssinecocms.html Product: ecoCMS Vendor: ecoCMS Team Vulnerable Version: Current at 18.04.2010 and Probably Prior Versions Vendor Notification: 18 April 2010 Vulnerability Type: XSS Cross Site Scripting Status: Not Fixed, Vendo...

Cross-site Scripting Vulnerability in ecoCMS

High-Tech Bridge SA Security Research Lab has discovered vulnerability in ecoCMS which could be exploited to perform cross-site scripting XSS attacks. 1 Cross-site scripting vulnerability in ecoCMS: CVE-2010-5046 Input validation error was found in the "p" parameter in /admin.php. A remote attack...