CVE-2005-4372 | Vulnerability Database | Aqua Security

Cross-site scripting (XSS) vulnerability in account.html in Adaptive Website Framework (AWF) 2.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter.

Affected Software

Name	Vendor	Start Version	End Version
Adaptive_website_framework	Liquid_bytes_technologies	1.11 (including)	1.11 (including)
Adaptive_website_framework	Liquid_bytes_technologies	2.00 (including)	2.00 (including)
Adaptive_website_framework	Liquid_bytes_technologies	2.01 (including)	2.01 (including)
Adaptive_website_framework	Liquid_bytes_technologies	2.10 (including)	2.10 (including)

References

http://pridels0.blogspot.com/2005/12/awf-adaptive-website-framework-vuln.html
http://www.awf-cms.org/news.html
http://www.osvdb.org/21914
http://www.securityfocus.com/bid/15937
http://www.vupen.com/english/advisories/2005/2973
http://pridels0.blogspot.com/2005/12/awf-adaptive-website-framework-vuln.html
http://www.awf-cms.org/news.html
http://www.osvdb.org/21914
http://www.securityfocus.com/bid/15937
http://www.vupen.com/english/advisories/2005/2973

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-4372
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html