CVE-2010-4558

CVE-2010-4558 concerns phpMyFAQ versions 2.6.11 and 2.6.12, where an externally introduced Trojan Horse modification in the getTopTen method of inc/Faq.php enables remote attackers to execute arbitrary PHP code. The vulnerability is documented across multiple sources (including NVD, Red Hat advis...

CVE-2010-4558

phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th and December 15th 2010, contains an externally introduced modification Trojan Horse in the getTopTen method in inc/Faq.php, which allows remote attackers to execute arbitrary PHP code...

phpmyfaq 2.6.11 RFI Vulnerability

Exploit for php platform in category web applications ================================= phpmyfaq 2.6.11 RFI Vulnerability ================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 3 3 3 3 7 /' \ /'\ /'\ /\ \ /\ /\ \ 7 1 /, /\L\ \ /\L\ \///'/'...

FreeBSD Ports: phpmyfaq

The remote host is missing an update to the system as announced in the referenced advisory. VID 99021f88-ca3c-11df-be21-00e018aa7788 OpenVAS Vulnerability Test $ Description: Auto generated from VID 99021f88-ca3c-11df-be21-00e018aa7788 Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

FreeBSD Ports: phpmyfaq

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD : phpmyfaq -- XSS vulnerabilities (99021f88-ca3c-11df-be21-00e018aa7788)

The phpMyFAQ project reports : The phpMyFAQ Team has learned of a security issue that has been discovered in phpMyFAQ 2.6.x: phpMyFAQ doesn't sanitize some variables in different pages correctly. With a properly crafted URL it is e.g. possible to inject JavaScript code into the output of a page,...

phpMyFAQ 2.6.x index.php跨站脚本漏洞

BUGTRAQ ID: 43560 phpMyFAQ是一款多语言、基于数据库的FAQ系统。 phpMyFAQ没有正确地过滤提交给index.php页面的请求参数便返回给了用户。远程攻击者可以通过提交恶意的URL请求向页面输出注入JavaScript代码，导致窃取域Cookie。 phpMyFAQ 2.6.x 厂商补丁： phpMyFAQ -------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.phpmyfaq.de/ http://www.example.com/index.php/"scriptalert"XSS"/script...

phpMyFAQ 2.6.8 Cross Site Scripting

Hi, My name is Yam Mesicka, I'm from Israel and this is my first big disclosure so help needed is here :- I found XSS on phpMyFAQ system, versions 2.6.6 to 2.6.8. Dork: intitle:"Powered By phpMyFAQ 2.6.8" XSS: site-location/index.php/"alert"XSS" Vul: 2.6.6 = phpMyFAQ = 2.6.8 The problem has been...

phpMyFAQ 'index.php' XSS Vulnerability

phpMyFAQ is prone to a cross-site scripting XSS vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

phpMyFAQ 'index.php' Cross Site Scripting Vulnerability

phpMyFAQ is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to stea...

Fwd: 2.6.6 <= phpMyFAQ <= 2.6.8 XSS

Hi, My name is Yam Mesicka, I'm from Israel and this is my first big disclosure so help needed is here :- I found XSS on phpMyFAQ system, versions 2.6.6 to 2.6.8. Dork: intitle:"Powered By phpMyFAQ 2.6.8" XSS: site-location/index.php/"scriptalert"XSS"/script Vul: 2.6.6 = phpMyFAQ = 2.6.8 The...

PHPMyFAQ 2.6.x - index.php Cross-Site Scripting

PHPMyFAQ 2.6.x - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/43560/info phpMyFAQ is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

PHPMyFAQ 2.6.x - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/43560/info phpMyFAQ is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...

phpmyfaq -- cross site scripting vulnerabilities

The phpMyFAQ project reports: The phpMyFAQ Team has learned of a security issue that has been discovered in phpMyFAQ 2.6.x: phpMyFAQ doesn't sanitize some variables in different pages correctly. With a properly crafted URL it is e.g. possible to inject JavaScript code into the output of a page,...

CVE-2009-4780

Multiple cross-site scripting XSS vulnerabilities in index.php in phpMyFAQ before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via 1 the lang parameter in a sitemap action, 2 the search parameter in a search action, 3 the taggingid parameter in a search action, 4 the...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in phpMyFAQ before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via 1 the lang parameter in a sitemap action, 2 the search parameter in a search action, 3 the taggingid parameter in a search action, 4 the...

CVE-2009-4780

CVE-2009-4780 affects phpMyFAQ

CVE-2009-4780

Multiple cross-site scripting XSS vulnerabilities in index.php in phpMyFAQ before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via 1 the lang parameter in a sitemap action, 2 the search parameter in a search action, 3 the taggingid parameter in a search action, 4 the...

phpMyFAQ多个页面URL参数跨站脚本漏洞

BUGTRAQ ID: 37180 phpMyFAQ是一款多语言、基于数据库的FAQ系统。 phpMyFAQ没有正确地过滤用户提交给多个页面的变量，远程攻击者可以通过特制的URL请求向页面的输出注入JavaScript代码，导致窃取域Cookie，如会话标识符。 phpMyFAQ 2.5.x 厂商补丁： phpMyFAQ -------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.phpmyfaq.de/ http://host/index.php?action=sitemap&lang=code...

phpMyFAQ 2.5.4 Cross Site Scripting

Mutliple XSS in phpMyFAQ alert1 http://localhost/phpmyfaq/index.php?search=hello"alertdocument.cookie&action=search http://localhost/phpmyfaq/index.php?action=artikel&cat=1&id=1&artlang=en&highlight=you"alert1 http://localhost/phpmyfaq/index.php?action=artikel&cat=1&id=1&artlang=en"alert1...