← back
CVE-2005-4229

CVE-2005-4229

EPSS 1.7%
Cross-site scripting (XSS) vulnerability in auction.pl in EveryAuction 1.53 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter. NOTE: the provenance of this issue is unknown; the details were obtained solely from third party sources and independently verified using source code inspection.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/26786unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/18016https://exchange.xforce.ibmcloud.com/vulnerabilities/23568http://www.osvdb.org/21674http://www.securityfocus.com/bid/15824http://www.vupen.com/english/advisories/2005/2857