CVE-2005-3734

2005-11-2200:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.009

Percentile

83.1%

JSON

Cross-site scripting (XSS) vulnerability in the “add content” page in phpMyFAQ 1.5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) thema, (2) username, and (3) usermail parameters.

References

secunia.com/advisories/17649

securityreason.com/securityalert/196

www.osvdb.org/20989

www.phpmyfaq.de/advisory_2005-11-18.php

www.securityfocus.com/archive/1/417219/30/0/threaded

www.securityfocus.com/bid/15504

www.trapkit.de/advisories/TKADV2005-11-004.txt

www.vupen.com/english/advisories/2005/2505