CVE-2022-3766

MEDIUM NUCLEI

Phpmyfaq < 3.1.8 - XSS

Title source: rule

Description

Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8.

Exploits (1)

exploitdb WORKING POC
by CodeSecLab · textwebappsmultiple
https://www.exploit-db.com/exploits/52445

Nuclei Templates (1)

phpMyFAQ < 3.1.8 - Cross-Site Scripting
MEDIUMVERIFIEDby ritikchaddha
Shodan: http.html:"phpmyfaq"
FOFA: body="phpmyfaq"

References (3)

Scores

CVSS v3 6.1
EPSS 0.1402
EPSS Percentile 94.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (2)
phpmyfaq/phpmyfaq < 3.1.8
thorsten/phpmyfaq 0 - 3.1.8Packagist
Published Oct 31, 2022
Tracked Since Feb 18, 2026