CMSimple Index.php Guestbook XSS Network Vulnerability

Summary

The remote host is running CMSimple, a CMS written in PHP. The version of CMSimple installed on the remote host is prone to cross-site scripting attacks due to its failure to sanitize user-supplied input to both the search and guestbook modules.

Solution

Upgrade to version 2.4 Beta 5 or higher.

References

http://securitytracker.com/alerts/2005/Jan/1012926.html

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability
Advanced Image Hosting Cross Site Scripting Vulnerability
3Com NBX VoIP NetSet Detection
Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability

CMSimple index.php guestbook XSS

Take action and discover your vulnerabilities