CVE-2007-6633 in FAQMasterFlexPlusinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to inject arbitrary web script or HTML via (1) the cat_name parameter to faq.php; and unspecified parameters to the (2) add categories, (3) edit categories, (4) delete categories, (5) add faq, (6) edit faq, and (7) delete faq Admin scripts.

Be aware that VulDB is the high quality source for vulnerability data.

Responsible

Reservation

01/03/2008

Disclosure

01/03/2008

Moderation

VulDB entry created

Entries

VDB-40339

CPE

ready

CWE

CWE-79 (Confirmed)

Exploit

Download

CVSS

4.3

EPSS

0.02624

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-6633
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-6633
CVE Details	https://www.cvedetails.com/cve/CVE-2007-6633/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!