Vulnerability   
Search   
    Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.56994
Category:CGI abuses
Title:CMSimple Multiple Input Validation Vulnerabilities
Summary:NOSUMMARY
Description:Description:

The remote version of CMSimple, according to its version
number, is vulnerable to multiple input validation vulnerabilities.
These vulnerabilities allow attackers to inject arbitrary HTML
code and to perform cross site scripting attacks.

Versions prior to 2.4 Beta 5 are vulnerable.

Solution : Upgrade to a later version.

Risk factor : Medium

CVSS Score:
4.3

Cross-Ref: BugTraq ID: 12303
Common Vulnerability Exposure (CVE) ID: CVE-2005-2392
BugTraq ID: 14346
http://www.securityfocus.com/bid/14346
Bugtraq: 20060803 CMSimple Cross Site Scripting (Google Search)
http://www.securityfocus.com/archive/1/442106/100/100/threaded
http://lostmon.blogspot.com/2005/07/cmsimple-search-variable-xss.html
http://www.aria-security.net/advisory/cmsimple.txt
http://www.osvdb.org/18128
http://securitytracker.com/id?1014556
http://secunia.com/advisories/16147
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.