3 matches found
Phamm helpers.php Cross-Site Scripting (CVE-2017-0378)
A reflected cross-site scripting vulnerability exists in Phamm. The vulnerability is due to insufficient validation of user-supplied input within views/helpers.php. A remote, unauthenticated attacker could exploit this vulnerability by enticing an user to click a maliciously crafted link or open ...
CVE-2017-0378
Removed by vendor...
CVE-2017-0378
CVE-2017-0378 affects Phamm prior to 0.6.7. The vulnerability is a cross-site scripting issue in the login_form function within views/helpers.php, exploitable via PATH_INFO to main.php. Root cause: insufficient input validation leading to script/HTML injection. Affected product/version: Phamm