2 results (0.002 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 5

Cross-site scripting (XSS) vulnerability in fom.cgi in Faq-O-Matic 2.711 allows remote attackers to inject arbitrary web script or HTML via the (1) _duration, (2) file, and (3) cmd parameters. • https://www.exploit-db.com/exploits/27088 http://osvdb.org/ref/22/22439-faqomatic.txt http://secunia.com/advisories/18468 http://www.osvdb.org/22439 http://www.securityfocus.com/bid/16251 http://www.vupen.com/english/advisories/2006/0189 https://exchange.xforce.ibmcloud.com/vulnerabilities/24165 •

CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 1

Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 allows remote attackers to execute arbitrary Javascript on other clients via the cmd parameter, which causes the script to be inserted into an error message. Vulnerabilidad de secuencias de comandos en sitios cruzados (Cross-site scripting) en fom.cgi de Faq-O-Matic 2.712 permite a atacantes remotos ejecutar código Javascript arbitrario en otros clientes mediante el parámetro cmd, lo que hace que el script sea insertado en un mensaje de error. • https://www.exploit-db.com/exploits/21263 http://marc.info/?l=bugtraq&m=101285834018701&w=2 http://marc.info/?l=bugtraq&m=101293973111873&w=2 http://sourceforge.net/mailarchive/forum.php?thread_id=464940&forum_id=6367 http://www.debian.org/security/2002/dsa-109 •