CVE-2005-4041

2005-12-0611:00:00

mitre

www.cve.org

6.2 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.9%

JSON

Cross-site scripting (XSS) vulnerability in search.cgi in MR CGI Guy Hot Links SQL 3.1.x and Hot Links Pro 3.1.x allows remote attackers to inject arbitrary web script or HTML via the query string.

References

pridels0.blogspot.com/2005/12/hot-links-pro-3x-xss-vuln.html

pridels0.blogspot.com/2005/12/hot-links-sql-3x-xss-vuln.html

secunia.com/advisories/17868

secunia.com/advisories/17872

www.securityfocus.com/bid/15708

www.vupen.com/english/advisories/2005/2736

www.vupen.com/english/advisories/2005/2737