Back to search
CVE-2007-6633
Published: Jan 4, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to inject arbitrary web script or HTML via (1) the cat_name parameter to faq.php; and unspecified parameters to the (2) add categories, (3) edit categories, (4) delete categories, (5) add faq, (6) edit faq, and (7) delete faq Admin scripts.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20071228 FAQMasterFlexPlus multiple vulnerabilities
mailing-list
x_refsource_FULLDISC
28248
third-party-advisory
x_refsource_SECUNIA
20071228 FAQMasterFlexPlus multiple vulnerabilities
mailing-list
x_refsource_BUGTRAQ
faqmasterflexplus-faq-xss(39287)
vdb-entry
x_refsource_XF
39664
vdb-entry
x_refsource_OSVDB
27051
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now