3 matches found
CVE-2024-5415 Cross-Site Scripting (XSS) vulnerability on PhpMyBackupPro
A vulnerability have been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/backup.php, 'comments' and 'db' parameters. This vulnerabilities could allow an attacker to create a specially crafted URL and send it to a victim to...
CVE-2024-5415 Cross-Site Scripting (XSS) vulnerability on PhpMyBackupPro
A vulnerability have been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/backup.php, 'comments' and 'db' parameters. This vulnerabilities could allow an attacker to create a specially crafted URL and send it to a victim to...
CVE-2024-5415
PhpMyBackupPro 2.3 is affected by a cross‑site scripting (XSS) vulnerability in the /phpmybackuppro/backup.php endpoint via the comments and db parameters. The issue allows crafting a URL to exfiltrate session details; CVSSv3.1 vectors indicate Network attack, low complexity, no privileges, user ...