Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 22/11/2005 Updated: 19/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the "add content" page in phpMyFAQ 1.5.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) thema, (2) username, and (3) usermail parameters.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phpmyfaq phpmyfaq 1.5_alpha1
phpmyfaq phpmyfaq 1.5_alpha2
phpmyfaq phpmyfaq 1.5_rc4
phpmyfaq phpmyfaq 1.5_rc5
phpmyfaq phpmyfaq 1.5
phpmyfaq phpmyfaq 1.5_beta3
phpmyfaq phpmyfaq 1.5_rc1
phpmyfaq phpmyfaq 1.5_beta1
phpmyfaq phpmyfaq 1.5_beta2
phpmyfaq phpmyfaq 1.5.1
phpmyfaq phpmyfaq 1.5.3
phpmyfaq phpmyfaq 1.5_rc2
phpmyfaq phpmyfaq 1.5_rc3

NVD-CWE-Other http://www.trapkit.de/advisories/TKADV2005-11-004.txt http://www.phpmyfaq.de/advisory_2005-11-18.php http://www.securityfocus.com/bid/15504 http://secunia.com/advisories/17649 http://www.osvdb.org/20989 http://securityreason.com/securityalert/196 http://www.vupen.com/english/advisories/2005/2505 http://www.securityfocus.com/archive/1/417219/30/0/threaded https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-3734

Vulnerability Summary

References

Vulmon Search

About

Products

Connect