2 matches found
CVE-2024-5414 Cross-Site Scripting (XSS) vulnerability on PhpMyBackupPro
A vulnerability have been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/getfile.php, 'view' parameter. This vulnerabilities could allow an attacker to create a specially crafted URL and send it to a victim to retrieve their...
CVE-2024-5414
CVE-2024-5414 affects PhpMyBackupPro v2.3. A cross-site scripting (XSS) flaw exists in the /phpmybackuppro/get_file.php endpoint via the view parameter, enabling an attacker to craft a URL that may exfiltrate a victim’s session details. Exploitation details are not provided in the core CVE text, ...