Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyfaq phpmyfaq vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2024-22202
phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. phpMyFAQ's user removal page allows an malicious user to spoof another user's detail, and in turn make a compelling phishing case for removing another user's acco...
Phpmyfaq Phpmyfaq
NA
CVE-2006-6912
SQL injection vulnerability in phpMyFAQ 1.6.7 and previous versions allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, possibly the userfile or filename parameter.
Phpmyfaq Phpmyfaq
1 EDB exploit
9.8
CVSSv3
CVE-2023-1753
Weak Password Requirements in GitHub repository thorsten/phpmyfaq before 3.1.12.
Phpmyfaq Phpmyfaq
4.7
CVSSv3
CVE-2023-1754
Improper Neutralization of Input During Web Page Generation in GitHub repository thorsten/phpmyfaq before 3.1.12.
Phpmyfaq Phpmyfaq
5.4
CVSSv3
CVE-2023-1755
Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq before 3.1.12.
Phpmyfaq Phpmyfaq
4.8
CVSSv3
CVE-2017-15728
In phpMyFAQ prior to 2.9.9, there is Stored Cross-site Scripting (XSS) via metaDescription or metaKeywords.
Phpmyfaq Phpmyfaq
8.8
CVSSv3
CVE-2017-15733
In phpMyFAQ prior to 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/ajax.attachment.php and admin/att.main.php.
Phpmyfaq Phpmyfaq
6.1
CVSSv3
CVE-2017-15809
In phpMyFaq prior to 2.9.9, there is XSS in admin/tags.main.php via a crafted tag.
Phpmyfaq Phpmyfaq
9.8
CVSSv3
CVE-2017-11187
phpMyFAQ prior to 2.9.8 does not properly mitigate brute-force attacks that try many passwords in attempted logins quickly.
Phpmyfaq Phpmyfaq
6.1
CVSSv3
CVE-2017-7579
inc/PMF/Faq.php in phpMyFAQ prior to 2.9.7 has XSS in the question field.
Phpmyfaq Phpmyfaq
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »