Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2005-2392

Опубликовано: 27 июл. 2005
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2:*:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3:beta1:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3:beta2:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.0:beta1:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.0:beta2:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.0:beta3:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.0:beta4:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.1:*:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2:*:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2:beta1:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2:beta2:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2:beta3:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2:beta4:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.3:*:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.3:beta1:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.3:beta2:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.3:beta3:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.3:beta4:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.3:beta5:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.4:beta1:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.4:beta2:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.4:beta3:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.4:beta4:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.4:beta5:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.4_beta:*:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:beta_1:*:*:*:*:*:*:*
cpe:2.3:a:cmsmadesimple:cms_made_simple:beta_2:*:*:*:*:*:*:*

EPSS

Процентиль: 68%
0.00558
Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

github логотип

GHSA-2hhf-q463-9hv4

github
почти 4 года назад

Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function.

EPSS

Процентиль: 68%
0.00558
Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other