Vulnerabilities > Phpmyfaq > Phpmyfaq > 1.3.9pl1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-11-20 | CVE-2009-4040 | Cross-Site Scripting vulnerability in PHPmyfaq Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.0.17 and 2.5.x before 2.5.2, when used with Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the search page. | 4.3 |
2007-02-21 | CVE-2007-1032 | Remote Security vulnerability in phpMyFAQ Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register_globals is enabled, allows remote attackers to "gain the privilege for uploading files on the server." Successful exploitation requires that "register_globals" is enabled. network phpmyfaq | 6.8 |