BugTraq
[TKADV2005-11-004] Multiple Cross Site Scripting vulnerabilities in phpMyFAQ Nov 19 2005 07:10PM
tk trapkit de

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Advisory: Multiple Cross Site Scripting vulnerabilities in
phpMyFAQ
Name: TKADV2005-11-004
Revision: 1.0
Release Date: 2005/11/19
Last Modified: 2005/11/19
Author: Tobias Klein (tk at trapkit.de)
Affected Software: phpMyFAQ (all versions <= phpMyFAQ 1.5.3)
Risk: Critical ( ) High (x) Medium ( ) Low ( )
Vendor URL: http://www.phpmyfaq.de/
Vendor Status: Vendor has released an updated version

=========
Overview:
=========

phpMyFAQ is a multilingual, completely database-driven FAQ-system.

Version 1.5.3 and prior contain multiple persistent Cross Site
Scripting vulnerabilities.

=========
Solution:
=========

Upgrade to phpMyFAQ 1.5.4 or newer.

http://www.phpmyfaq.de/download.php


For more details see:

http://www.trapkit.de/advisories/TKADV2005-11-004.txt

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQ392HJF8YHACG4RBEQKmkwCfVT7mGy0M2gclF60c6k2QNRYgL3IAoPC7
Q9va6jZFp+mJS94hk+8LcRkQ
=HLVb
-----END PGP SIGNATURE-----

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus