4 matches found
phpMyFAQ vulnerable to Stored Cross-site Scripting
phpMyFAQ prior to version 3.1.13 has a stored cross site scripting vulnerability in name field in add question module. This allows an attacker to steal user cookies...
GHSA-8595-6653-96P2 phpMyFAQ vulnerable to Stored Cross-site Scripting
phpMyFAQ prior to version 3.1.13 has a stored cross site scripting vulnerability in name field in add question module. This allows an attacker to steal user cookies...
PT-2023-19508 · Phpmyfaq · Phpmyfaq
Name of the Vulnerable Software and Affected Versions: phpMyFAQ versions prior to 3.1.13 Description: The issue is related to a stored Cross-site Scripting XSS vulnerability. This vulnerability allows an attacker to steal user cookies by exploiting the name field in the add question module...
Stored cross site scripting vulnerability in thorsten/phpmyfaq
Description Stored cross site scripting vulnerability in "name" field in add question module. This allows attacker to stolen user cookies. Proof of Concept 1 . Login to the demo account https://roy.demo.phpmyfaq.de/ 2 . Login as demo user 3 . Click add question 4 . Add payload in "Your Name"...