Cross-site scripting (XSS) vulnerability in the "add content" page in phpMyFAQ 1.5.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) thema, (2) username, and (3) usermail parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpmyfaq phpmyfaq 1.5_alpha1 |
||
phpmyfaq phpmyfaq 1.5_alpha2 |
||
phpmyfaq phpmyfaq 1.5_rc4 |
||
phpmyfaq phpmyfaq 1.5_rc5 |
||
phpmyfaq phpmyfaq 1.5 |
||
phpmyfaq phpmyfaq 1.5_beta3 |
||
phpmyfaq phpmyfaq 1.5_rc1 |
||
phpmyfaq phpmyfaq 1.5_beta1 |
||
phpmyfaq phpmyfaq 1.5_beta2 |
||
phpmyfaq phpmyfaq 1.5.1 |
||
phpmyfaq phpmyfaq 1.5.3 |
||
phpmyfaq phpmyfaq 1.5_rc2 |
||
phpmyfaq phpmyfaq 1.5_rc3 |