Security Advisory 2005-11-18
Multiple Cross Site Scripting vulnerabilities in phpMyFAQ 1.5.x
- Issued on: 2005-11-18
- Software: phpMyFAQ <= 1.5.3
- Risk: High
- Platforms: all
The phpMyFAQ Team has learned of a security issue that has been discovered in phpMyFAQ 1.5.
Description
All vulnerabilities are exploitable by an anonymous user, regardless of whether
magic_quotes_gpc is turned on or off. The "thema", "username" and "usermail" parameters
of the "add content" page are prone to cross-site scripting attacks.
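The following added example (not phpMyFAQ source code, and not part of the original advisory) shows why magic_quotes_gpc makes no difference to this class of bug: backslash-quoting does not touch HTML metacharacters, while encoding at output time does. It assumes the submitted values are echoed back into form fields; the function names and the probe value are hypothetical, and addslashes() stands in for the quoting that magic_quotes_gpc applied.

```php
<?php
// Added illustration; not phpMyFAQ code. All function names are hypothetical.

// Emulates what magic_quotes_gpc did to request data: backslash-escape
// quotes, backslashes and NUL bytes.
function emulate_magic_quotes(string $value): string
{
    return addslashes($value);
}

// Unsafe: the submitted value is written into the attribute verbatim.
function render_field_unsafe(string $name, string $value): string
{
    return '<input type="text" name="' . $name . '" value="' . $value . '">';
}

// Safe: encode for the HTML attribute context at output time.
function render_field_safe(string $name, string $value): string
{
    $encoded = htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
    return '<input type="text" name="' . $name . '" value="' . $encoded . '">';
}

// True if the submitted markup reaches the page as a real tag.
function markup_survives(string $html): bool
{
    return strpos($html, '<em>') !== false;
}

// Constructed, harmless probe: closes the attribute and adds an <em> element.
$probe = '"><em>probe</em>';

foreach (['thema', 'username', 'usermail'] as $param) {
    $results = [
        // Value echoed as received (magic_quotes_gpc off).
        'raw'     => render_field_unsafe($param, $probe),
        // Value backslash-quoted first (magic_quotes_gpc on): HTML ignores
        // the backslash, so the quote still terminates the attribute.
        'quoted'  => render_field_unsafe($param, emulate_magic_quotes($probe)),
        // Value HTML-encoded on output: the probe stays inert text.
        'encoded' => render_field_safe($param, $probe),
    ];
    foreach ($results as $mode => $html) {
        printf("%-9s %-8s markup survives: %s\n", $param, $mode,
            var_export(markup_survives($html), true));
    }
}
```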
Solution
The phpMyFAQ Team has released a new phpMyFAQ version 1.5.4 which fixes these vulnerabilities.
All users of affected phpMyFAQ versions are encouraged to upgrade as soon as possible to this
latest version.
Workaround
There's no workaround except installing phpMyFAQ 1.5.4.
Credits
The phpMyFAQ Team would like to thank Tobias Klein for discovering these vulnerabilities. Tobias
independent advisory, describing the vulnerability in more detail.