Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormYam MesickaPACKETSTORM:94342
HistorySep 29, 2010 - 12:00 a.m.

phpMyFAQ 2.6.8 Cross Site Scripting

2010-09-2900:00:00
Yam Mesicka
packetstormsecurity.com
23

0.049 Low

EPSS

Percentile

92.8%

JSON
`Hi,  
  
My name is Yam Mesicka, I'm from Israel and this is my first big  
disclosure (so help needed is here :-)  
I found XSS on phpMyFAQ system, versions 2.6.6 to 2.6.8.  
  
Dork: intitle:"Powered By phpMyFAQ 2.6.8"  
XSS: site-location/index.php/"><script>alert("XSS")</script>  
Vul: 2.6.6 <= phpMyFAQ <= 2.6.8  
  
The problem has been fixed on phpMyFAQ 2.6.9.  
  
Advisory here: http://www.phpmyfaq.de/advisory_2010-09-28.php  
  
If more details are needed, please contact me.  
- Yam Mesicka  
- Israel  
- www.mesicka.com  
`

Related

cve 1
prion 1
cvelist 1
nvd 1
cve
cve
CVE-2010-4821
2012-10-22 23:55:04
prion
prion
Cross site scripting
2012-10-22 23:55:00
cvelist
cvelist
CVE-2010-4821
2012-10-22 23:00:00
nvd
nvd
CVE-2010-4821
2012-10-22 23:55:04

0.049 Low

EPSS

Percentile

92.8%

JSON
Related for PACKETSTORM:94342
cve1prion1cvelist1nvd1