Description
Cross-site scripting (XSS) vulnerability in module.php in PHPFABER CMS, possibly 1.3.36, allows remote attackers to inject arbitrary web script or HTML via the mod parameter.
Exploits (1)
References (4)
Core 4
Core References
Exploit x_refsource_misc
http://packetstormsecurity.org/0912-exploits/phpfabercms-xss.txt
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/3526
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/37329
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/10443
Scores
EPSS
0.0176
EPSS Percentile
82.7%
Details
CWE
CWE-79
Status
published
Products (1)
phpfaber/phpfaber_content_management_system
1.3.36
Published
Dec 22, 2009
Tracked Since
Feb 18, 2026