CVE-2005-2392

N/A Unknown

Published: July 27, 2005 Modified: April 16, 2026

Description

Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lostmon.blogspot.com/2005/07/cmsimple-search-variable-xss.html

Source: cve@mitre.org

http://secunia.com/advisories/16147

Source: cve@mitre.org

Vendor Advisory

http://securitytracker.com/id?1014556

Source: cve@mitre.org

Patch

http://www.aria-security.net/advisory/cmsimple.txt

Source: cve@mitre.org

http://www.cmsimple.dk/forum/viewtopic.php?t=2470

Source: cve@mitre.org

Patch

http://www.osvdb.org/18128

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/442106/100/100/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/14346

Source: cve@mitre.org

Patch

http://lostmon.blogspot.com/2005/07/cmsimple-search-variable-xss.html