Published: 20/12/2005 Updated: 08/03/2011

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 440

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Allinta 2.3.2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) s parameter to faq.asp and (2) searchQuery parameter to search.asp.

Vulnerable Product	Search on Vulmon	Subscribe to Product
allinta allinta

source: wwwsecurityfocuscom/bid/15935/info Allinta CMS is prone to a cross-site scripting vulnerability This issue is due to a failure in the application to properly sanitize user-supplied input An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affe ...

source: wwwsecurityfocuscom/bid/15935/info Allinta CMS is prone to a cross-site scripting vulnerability This issue is due to a failure in the application to properly sanitize user-supplied input An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affect ...

NVD-CWE-Other http://secunia.com/advisories/18060 http://www.securityfocus.com/bid/15935 http://www.osvdb.org/21784 http://www.osvdb.org/21785 http://pridels0.blogspot.com/2005/12/allinta-23x-xss-vuln.html http://www.vupen.com/english/advisories/2005/2971 https://nvd.nist.gov https://www.exploit-db.com/exploits/26876/

CVE-2005-4374

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect