Summary
The remote host is running CMSimple, a CMS written in PHP.
The version of CMSimple installed on the remote host is prone to cross-site scripting attacks due to its failure to sanitize user-supplied input to the search field.
Solution
See http://www.cmsimple.dk/forum/viewtopic.php?t=2470
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2005-2392 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Alt-N WebAdmin Remote Source Code Information Disclosure Vulnerability
- Adobe ColdFusion Unspecified Information Disclosure Vulnerability
- AjaXplorer 'doc_file' Parameter Local File Disclosure Vulnerability
- AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities
- Apache Tomcat NIO Connector Denial of Service Vulnerability