CVE-2005-3851

CVE-2005-3851

EPSS 1.2%

Cross-site scripting (XSS) vulnerability in search.asp in Online Attendance System (OASYS) Lite 1.0 allows remote attackers to inject arbitrary web script or HTML via certain search parameters, possibly the keyword parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://pridels0.blogspot.com/2005/11/oasys-lite-10-searchasp-xss-vuln.html http://secunia.com/advisories/17712 http://www.osvdb.org/21095 http://www.securityfocus.com/bid/15605 http://www.vupen.com/english/advisories/2005/2583