Cross-Site Scripting Vulnerability in Zeeways eBay Clone Auction Script
CVE-2010-2144

Currently unrated

Key Information:

Vendor

Zeeways

Status
Ebay Clone Auction Script
Vendor
CVE Published:
3 June 2010

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2010-2144?

The Zeeways eBay Clone Auction Script is vulnerable to a Cross-Site Scripting (XSS) attack through the signinform.php page. This vulnerability allows attackers to inject arbitrary web scripts or HTML into the application via the 'msg' parameter, potentially leading to unauthorized actions and exposure of sensitive user information. It is crucial for users of the affected software to implement security measures and apply patches where available to mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2010-2144 - Proof of Concept

CVE-2010-2144 - Proof of Concept

References

http://packetstormsecurity.org/1005-exploits/zeeways-xss.txt
x_refsource_MISC
http://www.exploit-db.com/exploits/12805
exploitx_refsource_EXPLOIT-DB
http://www.vupen.com/english/advisories/2010/1289
vdb-entryx_refsource_VUPEN

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.