CVE-2005-2980 in Noahs Classifieds
Summary
by MITRE
Cross-site scripting (XSS) vulnerability in index.php in phpoutsourcing Noah s classifieds 1.3 allows remote attackers to inject arbitrary web script or HTML via the rollid parameter.
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 08/31/2025
The vulnerability identified as CVE-2005-2980 represents a classic cross-site scripting flaw within the phpoutsourcing Noah s classifieds 1.3 web application. This issue manifests in the index.php script where user input is not properly sanitized before being rendered back to web browsers. The specific parameter affected is rollid which serves as a critical entry point for malicious actors to inject harmful code into the application's output stream. This type of vulnerability falls under the CWE-79 category of Cross-Site Scripting, which is classified as a fundamental web application security weakness that has persisted across numerous platforms and versions. The vulnerability enables attackers to execute arbitrary scripts in the context of other users' browsers, potentially leading to session hijacking, data theft, or unauthorized actions performed on behalf of victims.
The technical exploitation of this vulnerability occurs when an attacker crafts a malicious URL containing script code within the rollid parameter and delivers it to unsuspecting users. When victims click on the crafted link, the malicious script executes in their browser within the context of the legitimate website, bypassing normal security restrictions. The vulnerability is particularly concerning because it affects the core functionality of the classifieds system, potentially allowing attackers to modify the display of classified listings or redirect users to malicious websites. The attack vector is straightforward and requires minimal technical expertise to execute, making it a high-risk vulnerability that could be exploited by both skilled attackers and automated tools. This vulnerability also aligns with ATT&CK technique T1531 which focuses on use of remote services for command and control, as successful exploitation could enable attackers to establish persistent access through compromised user sessions.
The operational impact of this vulnerability extends beyond simple script injection, potentially allowing attackers to harvest sensitive information from authenticated users or manipulate the classifieds display to mislead users. Attackers could create fake listings, redirect users to phishing sites, or steal session cookies that would enable them to impersonate legitimate users. The vulnerability affects the integrity and availability of the classifieds service, potentially damaging the reputation of the platform and leading to loss of user trust. Organizations using this vulnerable software could face regulatory compliance issues if user data is compromised, particularly in environments where personal information is collected or processed. The long-term implications include the potential for cascading attacks where the initial XSS vulnerability serves as a foothold for further exploitation of the system. Security teams must consider that this vulnerability could be leveraged as part of broader attack campaigns targeting web applications, and the lack of proper input validation represents a fundamental flaw in the application's security architecture. Mitigation efforts should focus on immediate patching of the vulnerable software, implementation of proper input sanitization, and deployment of web application firewalls to detect and prevent such attacks.