4.3

CVE-2009-4040

Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.0.17 and 2.5.x before 2.5.2, when used with Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the search page.

Data is provided by the National Vulnerability Database (NVD)
PhpmyfaqPhpmyfaq Version <= 2.0.16
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version0.60
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version0.65
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version0.70
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version0.80
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version0.80a
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version0.85
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version0.86
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version0.87
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version0.90
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version0.95
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version0.666
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.0
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.0.1
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.0.1a
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.1.0
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.1.1
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.1.2
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.1.3
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.1.4
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.1.4a
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.1.5
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.2.0
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.2.1
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.2.2
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.2.3
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.2.4
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.2.5
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.2.5a
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.2.5b
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.3.0
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.3.1
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.3.2
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.3.3
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.3.4
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.3.5
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.3.6
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.3.7
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.3.8
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.3.9
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.3.9pl1
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.3.10
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.3.11
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.3.12
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.3.13
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.3.14
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4.0
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4.0a
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4.1
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4.2
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4.3
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4.4
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4.5
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4.6
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4.7
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4.8
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4.9
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4.10
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4.11
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4_alpha1
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4_alpha2
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.4a
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5 Updaterc1
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5 Updaterc2
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5 Updaterc3
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5 Updaterc4
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5 Updaterc5
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5.0
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5.1
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5.2
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5.3
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5.4
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5.5
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5.6
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5.7
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5.8
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5.9
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5_alpha1
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5_alpha2
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5_beta1
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5_beta2
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.5_beta3
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.6.0
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.6.1
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.6.2
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.6.3
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.6.4
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.6.5
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.6.6
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.6.7
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.6.8
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.6.9
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.6.10
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.6.11
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version1.6.12
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.0.0
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.0.1
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.0.2
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.0.3
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.0.4
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.0.5
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.0.6
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.0.7
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.0.8
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.0.9
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.0.10
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.0.11
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.0.12
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.0.13
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.0.14
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.0.15
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.5.0
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
PhpmyfaqPhpmyfaq Version2.5.1
   MicrosoftInternet Explorer Version6
   MicrosoftInternet Explorer Version7
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.32% 0.521
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.