This page aggregates publicly disclosed CVE and security risk information related to contens, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2005-4389 | search.cfm in CONTENS 3.0 and earlier allows remote attackers to obtain the full server path via invalid (1) submit.y, (2) bool, (3) itemsperpage, (4) submit, (5) submit.x, (6) criteria, (7) advanced, and (8) intern parameters. | [email protected] | 5.0 | 1.39% | 2005-12-19 | 2026-06-16 |
| CVE-2005-4388 | Cross-site scripting (XSS) vulnerability in search.cfm in CONTENS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the near parameter. | [email protected] | 4.3 | 1.30% | 2005-12-19 | 2026-06-16 |