CVE-2007-6633

by Fred · 03/01/2008

Multiple cross-site scripting (XSS) vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to inject arbitrary web script or HTML via (1) the cat_name parameter to faq.php; and unspecified parameters to the (2) add categories, (3) edit categories, (4) delete categories, (5) add faq, (6) edit faq, and (7) delete faq Admin scripts.

Date published : 2008-01-03

http://www.securityfocus.com/bid/27051

http://www.securityfocus.com/archive/1/485589/100/0/threaded

CVE-2007-6633

Similar

Recent Posts

Categories

CVE-2007-6633

Share this:

Similar

Recent Posts

Categories

Tags