What is the severity of CVE-2005-2392?

CVE-2005-2392 is classified with a medium severity due to its cross-site scripting potential.

How do I fix CVE-2005-2392?

To fix CVE-2005-2392, upgrade to CMSimple version 2.5 or later where the vulnerability has been patched.

What types of attacks are possible with CVE-2005-2392?

Attackers can perform cross-site scripting attacks allowing unauthorized scripts to run in the user's browser.

Which software versions are affected by CVE-2005-2392?

CVE-2005-2392 affects CMSimple versions 2.4 and earlier, including beta versions.

Can CVE-2005-2392 affect user data?

Yes, CVE-2005-2392 can compromise user data by executing scripts that can capture sensitive information.

Vulnerability/
CVE-2005-2392

medium

4.3

CWE

NVD-CWE-Other 79

27/7/2005

7/8/2024

CVE-2005-2392: XSS

First published: Wed Jul 27 2005(Updated: )

Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
CMS Made Simple	=1.0
CMS Made Simple	=1.1
CMS Made Simple	=1.2
CMS Made Simple	=1.3-beta1
CMS Made Simple	=1.3-beta2
CMS Made Simple	=2.0-beta1
CMS Made Simple	=2.0-beta2
CMS Made Simple	=2.0-beta3
CMS Made Simple	=2.0-beta4
CMS Made Simple	=2.1
CMS Made Simple	=2.2
CMS Made Simple	=2.2-beta1
CMS Made Simple	=2.2-beta2
CMS Made Simple	=2.2-beta3
CMS Made Simple	=2.2-beta4
CMS Made Simple	=2.3
CMS Made Simple	=2.3-beta1
CMS Made Simple	=2.3-beta2
CMS Made Simple	=2.3-beta3
CMS Made Simple	=2.3-beta4
CMS Made Simple	=2.3-beta5
CMS Made Simple	=2.4-beta1
CMS Made Simple	=2.4-beta2
CMS Made Simple	=2.4-beta3
CMS Made Simple	=2.4-beta4
CMS Made Simple	=2.4-beta5
CMS Made Simple	=2.4_beta
CMS Made Simple	=beta_1
CMS Made Simple	=beta_2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-2392?
CVE-2005-2392 is classified with a medium severity due to its cross-site scripting potential.
How do I fix CVE-2005-2392?
To fix CVE-2005-2392, upgrade to CMSimple version 2.5 or later where the vulnerability has been patched.
What types of attacks are possible with CVE-2005-2392?
Attackers can perform cross-site scripting attacks allowing unauthorized scripts to run in the user's browser.
Which software versions are affected by CVE-2005-2392?
CVE-2005-2392 affects CMSimple versions 2.4 and earlier, including beta versions.
Can CVE-2005-2392 affect user data?
Yes, CVE-2005-2392 can compromise user data by executing scripts that can capture sensitive information.

agent/references
agent/type
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/author
agent/remedy
agent/severity
agent/weakness
agent/description
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/cmsmadesimple
canonical/cms made simple
version/cms made simple/1.0
version/cms made simple/1.1
version/cms made simple/1.2
version/cms made simple/1.3-beta1
version/cms made simple/1.3-beta2
version/cms made simple/2.0-beta1
version/cms made simple/2.0-beta2
version/cms made simple/2.0-beta3
version/cms made simple/2.0-beta4
version/cms made simple/2.1
version/cms made simple/2.2
version/cms made simple/2.2-beta1
version/cms made simple/2.2-beta2
version/cms made simple/2.2-beta3
version/cms made simple/2.2-beta4
version/cms made simple/2.3
version/cms made simple/2.3-beta1
version/cms made simple/2.3-beta2
version/cms made simple/2.3-beta3
version/cms made simple/2.3-beta4
version/cms made simple/2.3-beta5
version/cms made simple/2.4-beta1
version/cms made simple/2.4-beta2
version/cms made simple/2.4-beta3
version/cms made simple/2.4-beta4
version/cms made simple/2.4-beta5
version/cms made simple/2.4_beta
version/cms made simple/beta_1
version/cms made simple/beta_2

Frequently Asked Questions

What is the severity of CVE-2005-2392?
CVE-2005-2392 is classified with a medium severity due to its cross-site scripting potential.
How do I fix CVE-2005-2392?
To fix CVE-2005-2392, upgrade to CMSimple version 2.5 or later where the vulnerability has been patched.
What types of attacks are possible with CVE-2005-2392?
Attackers can perform cross-site scripting attacks allowing unauthorized scripts to run in the user's browser.
Which software versions are affected by CVE-2005-2392?
CVE-2005-2392 affects CMSimple versions 2.4 and earlier, including beta versions.
Can CVE-2005-2392 affect user data?
Yes, CVE-2005-2392 can compromise user data by executing scripts that can capture sensitive information.

CVE-2005-2392: XSS

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2005-2392?

How do I fix CVE-2005-2392?

What types of attacks are possible with CVE-2005-2392?

Which software versions are affected by CVE-2005-2392?

Can CVE-2005-2392 affect user data?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2005-2392?

How do I fix CVE-2005-2392?

What types of attacks are possible with CVE-2005-2392?

Which software versions are affected by CVE-2005-2392?

Can CVE-2005-2392 affect user data?