Sign in Subscribe

← All advisories

Medium severity6.1NVD Advisory· Published Jul 20, 2017· Updated May 13, 2026

CVE-2017-0378

CVE-2017-0378

Description

XSS exists in the login_form function in views/helpers.php in Phamm before 0.6.7, exploitable via the PATH_INFO to main.php.

Affected products

1

Phamm/Phamm
cpe:2.3:a:phamm:phamm:*:*:*:*:*:*:*:*
Range: <=0.6.6

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

github.com/lota/phamm/issues/21nvdExploitIssue TrackingThird Party Advisory
www.openwall.com/lists/oss-security/2017/07/20/3nvdMailing ListThird Party Advisory
www.phamm.org/docs/CHANGELOGnvdVendor Advisory
www.securityfocus.com/bid/99927nvdThird Party AdvisoryVDB Entry
bugs.debian.org/868988nvdMailing ListThird Party Advisory

News mentions

0

No linked articles in our index yet.