CVE-2008-7223

Name of the Vulnerable Software and Affected Versions LinPHA versions prior to 1.3.3

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The affected API endpoints include "ftp/index.php", "viewer.php", "functions/other.php", "include/left menu.class.php", and "plugins/stats/stats view.php".

Recommendations For versions prior to 1.3.3, update to version 1.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected endpoints until a patch is applied. Avoid using the affected scripts and plugins in the meantime to minimize the risk of exploitation.