Summary
This host is installed with phpMyFAQ and is prone to Cross Site Scripting vulnerability.
Impact
Successful exploitation will allow remote attackers to execute arbitrary HTML and script code and cause cross-site scripting attacks.
Impact Level: Application
Solution
Upgrade to phpMyFAQ 2.0.17 or 2.5.2
http://www.phpmyfaq.de/download.php
Insight
This vulnerability is caused because the application does not properly sanitize the input passed into 'GET' parameter in 'search.php'.
Affected
phpMyFAQ prior to 2.0.17 and 2.5.0 prior to 2.5.2.
References
Severity
Classification
-
CVE CVE-2009-4040 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities