Description
Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFaq 1.5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) PMF_CONF[version] parameter to footer.php or (2) PMF_LANG[metaLanguage] to header.php.
Remediation
References
Related Vulnerabilities
PHP NULL Pointer Dereference Vulnerability (CVE-2025-6491)
MySQL CVE-2015-4830 Vulnerability (CVE-2015-4830)
WordPress Plugin Groundhogg-Marketing Automation & CRM for WordPress Remote Code Execution (1.3.4)
Oracle Application Server CVE-2006-0273 Vulnerability (CVE-2006-0273)
WordPress Plugin WP Statistics Multiple Cross-Site Scripting Vulnerabilities (2.2.4)