CVE-2005-3047

PhpMyFaq 1.5.1 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFaq 1.5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) PMF_CONF[version] parameter to footer.php or (2) PMF_LANG[metaLanguage] to header.php.

References (2)

[Mailing List] http://marc.info/?l=bugtraq&m=112749230124091&w=2

[Exploit, Vendor Advisory] http://rgod.altervista.org/phpmyfuck151.html

Scores

EPSS 0.0041

EPSS Percentile 61.1%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

phpmyfaq/phpmyfaq

Timeline

Published Sep 24, 2005

Tracked Since Feb 18, 2026