PT-2026-24695 · Undefined · Undefined
Shufenshui
·
Publicado
2026-03-11
·
Atualizado
2026-03-15
·
CVE-2026-3946
CVSS v2.0
4.0
Média
| Vetor | AV:N/AC:L/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
PHPEMS version 11.0
Description
A cross site scripting issue exists in PHPEMS version 11.0. The issue is related to a function within the
/index.php?ask=app-ask file. Manipulating the askcontent parameter can lead to the execution of cross site scripting attacks. The exploit is publicly available and may be used remotely.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Code Injection
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Undefined