CVE-2014-8469
CVE-2014-8469 is a stored XSS in PHPFox (Moxi9) before 4 Beta, exploitable via the User-Agent header in AdminCP’s Guests/Boots. The issue arises from manipulating the user_agent field, enabling remote script/html injection. Public records show an exploit exists (PHPFox XSS AdminCP) and the vendor...