Summary
The remote host is running CMSimple, a CMS written in PHP.
The version of CMSimple installed on the remote host is prone to cross-site scripting attacks due to its failure to sanitize user-supplied input to both the search and guestbook modules.
Solution
Upgrade to version 2.4 Beta 5 or higher.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache Subversion Module Metadata Accessible
- Apache Tomcat RemoteFilterValve Security Bypass Vulnerability
- appRain CMF 'uploadify.php' Remote Arbitrary File Upload Vulnerability
- Allaire JRun directory browsing vulnerability
- Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities