Описание
Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function.
Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-2392
- http://lostmon.blogspot.com/2005/07/cmsimple-search-variable-xss.html
- http://secunia.com/advisories/16147
- http://securitytracker.com/id?1014556
- http://www.aria-security.net/advisory/cmsimple.txt
- http://www.cmsimple.dk/forum/viewtopic.php?t=2470
- http://www.osvdb.org/18128
- http://www.securityfocus.com/archive/1/442106/100/100/threaded
- http://www.securityfocus.com/bid/14346
EPSS
Процентиль: 68%
0.00558
Низкий
CVE ID
Связанные уязвимости
nvd
больше 20 лет назад
Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function.
EPSS
Процентиль: 68%
0.00558
Низкий