VULHUB ™

PHP Arena paFileDB is prone to cross-site scripting attacks. An attacker may construct a malicious link to the vulnerable script which contains arbitrary HTML and script code. If this link is visited by a web user, the attacker-supplied code will execute in their web client in the security context of the paFileDB site. This issue is reported to be exploitable by providing HTML and script code as a search string.

PHP Arena paFileDB is prone to cross-site scripting attacks. An attacker may construct a malicious link to the vulnerable script which contains arbitrary HTML and script code. If this link is visited by a web user, the attacker-supplied code will execute in their web client in the security context of the paFileDB site. This issue is reported to be exploitable by providing HTML and script code as a search string.