1756 matches found
phpMyFAQ <= 2.5.4 Multiple XSS Vulnerabilities
Exploit for unknown platform in category web applications ============================================== phpMyFAQ alert1 http://server/phpmyfaq/index.php?search=hello"alertdocument.cookie&action=search http://server/phpmyfaq/index.php?action=artikel&cat=1&id=1&artlang=en&highlight=you"alert1...
phpMyFAQ <= 2.5.4 Multiple XSS Vulnerabilities
No description provided by source. OVERVIEW phpMyFAQ 2.5 is a multilingual, completely database-driven FAQ-system. PoC http://server/phpmyfaq/index.php?action=sitemap=en"scriptalert1/script http://server/phpmyfaq/index.php?search=hello"scriptalertdocument.cookie/script&action=search...
phpMyFAQ <= 2.5.4 Multiple Unspecified XSS Vulnerabilities
phpMyFAQ is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
phpMyFAQ 2.5.4 and Prior Multiple Unspecified Cross Site Scripting Vulnerabilities
phpMyFAQ is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
phpMyFAQ 2.5.4 - Multiple Cross-Site Scripting Vulnerabilities
phpMyFAQ 2.5.4 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/37180/info phpMyFAQ is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
phpMyFAQ < 2.5.4 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/37180/info phpMyFAQ is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting...
phpMyFAQ < 2.0.17, 2.5.x < 2.5.2 XSS Vulnerability
phpMyFAQ is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyfaq:phpmyfaq"...
phpMyFAQ GET Variable Cross-Site-Scripting Vulnerability
This host is installed with phpMyFAQ and is prone to Cross Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodphpmyfaqgetxssvuln.nasl 5122 2017-01-27 12:16:00Z teissa $ phpMyFAQ GET Variable Cross-Site-Scripting Vulnerability Authors: Nikita MR Copyright: Copyright c 2009 SecPod,...
Cross site scripting
Cross-site scripting XSS vulnerability in phpMyFAQ before 2.0.17 and 2.5.x before 2.5.2, when used with Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the search page...
CVE-2009-4040
Cross-site scripting XSS vulnerability in phpMyFAQ before 2.0.17 and 2.5.x before 2.5.2, when used with Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the search page...
CVE-2009-4040
Cross-site scripting XSS vulnerability in phpMyFAQ before 2.0.17 and 2.5.x before 2.5.2, when used with Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the search page...
CVE-2009-4040
CVE-2009-4040 affects phpMyFAQ prior to 2.0.17 and 2.5.x prior to 2.5.2. It is a cross-site scripting (XSS) vulnerability on the search page triggered by unsanitized input, notably with IE6/IE7. Root cause: insufficient input sanitization on search parameters. Impact: remote attacker can inject s...
phpMyFAQ Search Page Cross Site Scripting Vulnerability
phpMyFAQ is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the...
phpMyFAQ搜索页面跨站脚本漏洞
BUGTRAQ ID: 37020 phpMyFAQ是一款多语言、基于数据库的FAQ系统。 phpMyFAQ的搜索页面没有正确地过滤GET变量,远程攻击者可以通过特制的URL请求执行跨站存储式跨站脚本攻击,在出错消息的输出中注入任意HTML代码。这可能导致泄漏域Cookie,如会话标识符。 phpMyFAQ = 2.5.1 厂商补丁: phpMyFAQ -------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.phpmyfaq.de/download.php?do=download&number=2.0.17&ext=.zip...
phpMyFAQ Search Page XSS Vulnerability
phpMyFAQ is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. This VT has been deprecated as a duplicate of the following VT: phpMyFAQ 2.0.17, 2.5.x 2.5.2 XSS Vulnerability OID: 1.3.6.1.4.1.25623.1.0.900982 SPDX-FileCopyrightText...
phpMyFAQ Detection
This host is running phpMyFAQ, an open source FAQ system using PHP and available for many databases. OpenVAS Vulnerability Test $Id: phpmyfaqdetect.nasl 5739 2017-03-27 14:48:05Z cfi $ phpMyFAQ Detection Authors: Michael Meyer Updated to detect beta versions. - By Nikita MR on 2009-11-24 11:10:45...
phpMyFAQ Detection (HTTP)
HTTP based detection of phpMyFAQ. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.100106";...
FreeBSD Ports: phpmyfaq
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: phpmyfaq
The remote host is missing an update to the system as announced in the referenced advisory. VID c6b9aee8-3071-11da-af18-000ae4641456 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
phpMyFAQ <= 1.6.7 Remote SQL Injection / Command Execution Exploit
No description provided by source. !/usr/bin/php5-cgi -q " localhost:4001 [email protected] / function doupload$baseurl, $proxy, $cmd $fp = fopen"kebab.php", "w"; if!$fp die"Cannot open file for writing"; $code = "Un1q" . $cmd . ""; fwrite$fp, $code; fclose$fp; $sendvars"aktion" =...