CVE-2009-4040

phpMyFAQ <2.0.17 & <2.5.2 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.0.17 and 2.5.x before 2.5.2, when used with Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the search page.

References (3)

Scores

EPSS 0.0032
EPSS Percentile 54.9%

Classification

CWE
CWE-79
Status published

Affected Products (50)

phpmyfaq/phpmyfaq < 2.0.16
phpmyfaq/phpmyfaq
phpmyfaq/phpmyfaq
phpmyfaq/phpmyfaq
phpmyfaq/phpmyfaq
phpmyfaq/phpmyfaq
phpmyfaq/phpmyfaq
phpmyfaq/phpmyfaq
phpmyfaq/phpmyfaq
phpmyfaq/phpmyfaq
phpmyfaq/phpmyfaq
phpmyfaq/phpmyfaq
phpmyfaq/phpmyfaq
phpmyfaq/phpmyfaq
phpmyfaq/phpmyfaq
... and 35 more

Timeline

Published Nov 20, 2009
Tracked Since Feb 18, 2026