CVE-2005-3422

ASP Fast Forum - Cross-Site Scripting via Error Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-3422. PoCs published by syst3m_f4ult.

AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in ASP Fast Forum due to improper input sanitization. The exploit involves crafting a malicious URL with an XSS payload in the 'error' parameter.

Description

Cross-site scripting (XSS) vulnerability in error.asp in ASP Fast Forum allows remote attackers to inject arbitrary web script or HTML via the error parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by syst3m_f4ult · textwebappsasp

https://www.exploit-db.com/exploits/26435

View Code ZIP pw:eip

The provided text describes a cross-site scripting (XSS) vulnerability in ASP Fast Forum due to improper input sanitization. The exploit involves crafting a malicious URL with an XSS payload in the 'error' parameter.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: ASP Fast Forum (version not specified)

No auth needed

Prerequisites: Access to the target forum's error.asp page

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/20398

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17387

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2005/2252

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/15233

Scores

EPSS 0.0175

EPSS Percentile 75.1%

Details

Status published

Products (1)

10-4_aps/asp_fast_forum

Published Nov 01, 2005

Tracked Since Feb 18, 2026