CVE-2005-2077 | Vulnerability Database | Aqua Security

Cross-site scripting (XSS) vulnerability in error.asp for Hosting Controller allows remote attackers to inject arbitrary web script or HTML via the error parameter.

Affected Software

Name	Vendor	Start Version	End Version
Hosting_controller	Hosting_controller	1.1 (including)	1.1 (including)
Hosting_controller	Hosting_controller	1.3 (including)	1.3 (including)
Hosting_controller	Hosting_controller	1.4 (including)	1.4 (including)
Hosting_controller	Hosting_controller	1.4.1 (including)	1.4.1 (including)
Hosting_controller	Hosting_controller	1.4b (including)	1.4b (including)
Hosting_controller	Hosting_controller	6.1 (including)	6.1 (including)
Hosting_controller	Hosting_controller	6.1_hotfix_1.4 (including)	6.1_hotfix_1.4 (including)
Hosting_controller	Hosting_controller	6.1_hotfix_1.7 (including)	6.1_hotfix_1.7 (including)
Hosting_controller	Hosting_controller	6.1_hotfix_1.9 (including)	6.1_hotfix_1.9 (including)
Hosting_controller	Hosting_controller	6.1_hotfix_2.0 (including)	6.1_hotfix_2.0 (including)

References

http://marc.info/?l=bugtraq\u0026m=111997456519685\u0026w=2
http://securitytracker.com/id?1016456
http://www.securityfocus.com/archive/1/419597/100/0/threaded
http://www.securityfocus.com/bid/14080

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-2077
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html