CVE-2005-3851 Information

Description

Cross-site scripting (XSS) vulnerability in search.asp in Online Attendance System (OASYS) Lite 1.0 allows remote attackers to inject arbitrary web script or HTML via certain search parameters possibly the keyword parameter.

Reference

http://pridels0.blogspot.com/2005/11/oasys-lite-10-searchasp-xss-vuln.html http://secunia.com/advisories/17712 http://www.osvdb.org/21095 http://www.securityfocus.com/bid/15605 http://www.vupen.com/english/advisories/2005/2583