Description

Cross-site scripting (XSS) vulnerability in the "add content" page in phpMyFAQ 1.5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) thema, (2) username, and (3) usermail parameters.

Remediation

References

CVE-2005-3734

Related Vulnerabilities

WordPress Plugin Faster and Easier scroll to Top for WordPress-Smart Scroll to Top Lite includes Backdoor [Only if downloaded via the vendor website] (1.0.3)

WordPress Plugin Simple File List Arbitrary File Download (3.2.7)

MySQL CVE-2017-3462 Vulnerability (CVE-2017-3462)

Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26273)

Python CVE-2019-17514 Vulnerability (CVE-2019-17514)

Severity

Medium

Classification

CVE-2005-3734

Tags

Missing Update Known Vulnerabilities