CVE-2005-2392
Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function.
- http://lostmon.blogspot.com/2005/07/cmsimple-search-variable-xss.html
- http://secunia.com/advisories/16147
- http://securitytracker.com/id?1014556
- http://www.aria-security.net/advisory/cmsimple.txt
- http://www.cmsimple.dk/forum/viewtopic.php?t=2470
- http://www.osvdb.org/18128
- http://www.securityfocus.com/archive/1/442106/100/100/threaded
- http://www.securityfocus.com/bid/14346
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime