Vulnerabilities > CVE-2005-4374 - Cross-Site Scripting vulnerability in Allinta CMS
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in Allinta 2.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) s parameter to faq.asp and (2) searchQuery parameter to search.asp.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description allinta CMS 2.3.2 search.asp searchQuery Parameter XSS. CVE-2005-4374. Webapps exploit for asp platform id EDB-ID:26876 last seen 2016-02-03 modified 2005-12-19 published 2005-12-19 reporter r0t3d3Vil source https://www.exploit-db.com/download/26876/ title allinta CMS 2.3.2 - search.asp searchQuery Parameter XSS description allinta CMS 2.3.2 faq.asp s Parameter XSS. CVE-2005-4374. Webapps exploit for asp platform id EDB-ID:26875 last seen 2016-02-03 modified 2005-12-19 published 2005-12-19 reporter r0t3d3Vil source https://www.exploit-db.com/download/26875/ title allinta CMS 2.3.2 faq.asp s Parameter XSS