CVE-2005-2163

AutoIndex PHP Script 1.5.2 is affected by a stored/reflected XSS in index.php via the search parameter. The vulnerability allows an attacker to inject arbitrary HTML/JavaScript, which is executed in the victim’s browser and can lead to cookie theft or session hijacking. The Nessus entry confirms ...