Phpmyfaq: >> Phpmyfaq >> 1.3.9pl1 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.0.17 and 2.5.x before 2.5.2, when used with Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the search page.
CVSS Score
4.3
EPSS Score
0.003
Published
2009-11-20
Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register_globals is enabled, allows remote attackers to "gain the privilege for uploading files on the server."
CVSS Score
6.8
EPSS Score
0.005
Published
2007-02-21