CVE-2022-4407

MEDIUM

phpmyfaq < 3.1.9 - Reflected Cross-Site Scripting

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-4407. PoCs published by CodeSecLab.

AI-analyzed exploit summary This is a working proof-of-concept for a reflected XSS vulnerability in phpMyFAQ 3.1.7. The exploit demonstrates how the 'action' parameter in the admin interface is unsanitized and directly rendered in an HTML attribute, allowing arbitrary JavaScript execution.

Description

Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.9.

Exploits (1)

exploitdb WORKING POC
by CodeSecLab · textwebappsphp
https://www.exploit-db.com/exploits/52226

This is a working proof-of-concept for a reflected XSS vulnerability in phpMyFAQ 3.1.7. The exploit demonstrates how the 'action' parameter in the admin interface is unsanitized and directly rendered in an HTML attribute, allowing arbitrary JavaScript execution.

Classification
Working Poc 95%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: phpMyFAQ 3.1.7
No auth needed
Prerequisites: Access to the admin interface URL · Victim interaction to trigger the payload
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 6.1
EPSS 0.0924
EPSS Percentile 92.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-79
Status published
Products (2)
phpmyfaq/phpmyfaq < 3.1.9
thorsten/phpmyfaq 0 - 3.1.9Packagist
Published Dec 11, 2022
Tracked Since Feb 18, 2026