CVE-2008-0700 – CruxCMS 3.0 - 'search.php' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2008-0700

Cross-site scripting (XSS) vulnerability in search.php in Crux Software CruxCMS 3.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en search.php de Crux Software CruxCMS 3.0 permite a atacantes remotos inyectar web script o HTML de su elección a través del parámetro search. NOTA: la procedencia de esta información es desconocida; los detalles han sido obtenidos a partir de la información de terceros. • https://www.exploit-db.com/exploits/31097 http://downloads.securityfocus.com/vulnerabilities/exploits/27588.html http://www.securityfocus.com/bid/27588 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •