CVE-2005-2392

Published: Jul 27, 2005Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function.

Affected (29)

Products: Cmsmadesimple: Cms Made Simple

Cmsmadesimple

1 product

Cms Made Simple

Configuration A

29 vulnerable

Vulnerable Software	Affected Versions
Cmsmadesimple Cms Made Simple	Version 1.0
Cmsmadesimple Cms Made Simple	Version 1.1
Cmsmadesimple Cms Made Simple	Version 1.2
Cmsmadesimple Cms Made Simple	Version 1.3 beta1
Cmsmadesimple Cms Made Simple	Version 1.3 beta2
Cmsmadesimple Cms Made Simple	Version 2.0 beta1
Cmsmadesimple Cms Made Simple	Version 2.0 beta2
Cmsmadesimple Cms Made Simple	Version 2.0 beta3
Cmsmadesimple Cms Made Simple	Version 2.0 beta4
Cmsmadesimple Cms Made Simple	Version 2.1
Cmsmadesimple Cms Made Simple	Version 2.2
Cmsmadesimple Cms Made Simple	Version 2.2 beta1
Cmsmadesimple Cms Made Simple	Version 2.2 beta2
Cmsmadesimple Cms Made Simple	Version 2.2 beta3
Cmsmadesimple Cms Made Simple	Version 2.2 beta4
Cmsmadesimple Cms Made Simple	Version 2.3
Cmsmadesimple Cms Made Simple	Version 2.3 beta1
Cmsmadesimple Cms Made Simple	Version 2.3 beta2
Cmsmadesimple Cms Made Simple	Version 2.3 beta3
Cmsmadesimple Cms Made Simple	Version 2.3 beta4
Cmsmadesimple Cms Made Simple	Version 2.3 beta5
Cmsmadesimple Cms Made Simple	Version 2.4 beta1
Cmsmadesimple Cms Made Simple	Version 2.4 beta2
Cmsmadesimple Cms Made Simple	Version 2.4 beta3
Cmsmadesimple Cms Made Simple	Version 2.4 beta4
Cmsmadesimple Cms Made Simple	Version 2.4 beta5
Cmsmadesimple Cms Made Simple	Version 2.4_beta
Cmsmadesimple Cms Made Simple	Version beta_1
Cmsmadesimple Cms Made Simple	Version beta_2