cve/CVE-2012-1788.md at 41fbf31e3d6076a9d40c80bb3e1e4187f08a58e2

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 18:27:17 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Multiple cross-site scripting (XSS) vulnerabilities in wonderdesk.cgi in WonderDesk SQL 4.14 allow remote attackers to inject arbitrary web script or HTML via the (1) cus_email parameter in a cust_lostpw action; or (2) help_name, (3) help_email, (4) help_website, or (5) help_example_url parameters in an hd_modify_record action.

POC

Reference

http://packetstormsecurity.org/files/110224/WonderDesk-Cross-Site-Scripting.html
http://st2tea.blogspot.com/2012/02/wonderdesk-cross-site-scripting.html

Github

No PoCs found on GitHub currently.

904 B Raw Blame History

CVE-2012-1788

Description

POC

Reference

Github

904 B

Raw Blame History