Description

Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFaq 1.5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) PMF_CONF[version] parameter to footer.php or (2) PMF_LANG[metaLanguage] to header.php.

Remediation

References

CVE-2005-3047

Related Vulnerabilities

WordPress Plugin WP Design Maps & Places Cross-Site Scripting (1.2)

Coppermine Cross-site Scripting (XSS) Vulnerability (CVE-2015-3921)

Drupal Core 7.x Information Disclosure (7.0 - 7.14)

WeBid Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-7117)

Bootstrap Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20677)

Severity

Medium

Classification

CVE-2005-3047 CWE-707

Tags

Missing Update Known Vulnerabilities