CVE-2012-2906
CVE-2012-2906
Multiple cross-site scripting (XSS) vulnerabilities in artpublic/recommandation/index.php in Artiphp CMS 5.5.0 Neo (r422) allow remote attackers to inject arbitrary web script or HTML via the (1) add_img_name_post, (2) asciiart_post, (3) expediteur, (4) titre_sav, or (5) z39d27af885b32758ac0e7d4014a61561 parameter.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencepacketstormsecurity.org/files/112804/Artiphp-CMS-5.5.0-Cross-Site-Scripting.htmlunverifiedexploitdbwww.exploit-db.com/exploits/37217unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.org/files/112804/Artiphp-CMS-5.5.0-Cross-Site-Scripting.htmlhttp://secunia.com/advisories/49195https://exchange.xforce.ibmcloud.com/vulnerabilities/75689http://www.osvdb.org/81990http://www.securityfocus.com/bid/53586http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5090.php