Vulnerabilities > CVE-2005-4385 - Cross-Site Scripting vulnerability in Cofax Search.HTM

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

cofax

exploit available

NVD

Published: 2005-12-20

Updated: 2011-03-08

Summary

Cross-site scripting (XSS) vulnerability in search.htm in Cofax 2.0 RC3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter.

Vulnerable Configurations

Part	Description	Count
Application	Cofax Cofax Cofax 1.9.9C Cofax Cofax 1.9.9D Cofax Cofax 2.0_Rc1 Cofax Cofax 2.0_Rc2 Cofax Cofax 2.0_Rc3	5

Exploit-Db

description	Cofax 2.0 Search.HTM Cross-Site Scripting Vulnerability. CVE-2005-4385 . Webapps exploit for php platform
id	EDB-ID:26879
last seen	2016-02-03
modified	2005-12-19
published	2005-12-19
reporter	r0t3d3Vil
source	https://www.exploit-db.com/download/26879/
title	Cofax 2.0 - Search.HTM Cross-Site Scripting Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References