Cross-site scripting (XSS) vulnerability in the jumpmenu function in functions.php for paFileDB 3.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the URL parameters, which is not properly cleansed in the $pageurl variable, as demonstrated using pafiledb.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php arena pafiledb 3.1 |