Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyfaq phpmyfaq vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-2999
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq before 3.1.14.
Phpmyfaq Phpmyfaq
5
CVSSv2
CVE-2014-6048
phpMyFAQ prior to 2.8.13 allows remote malicious users to read arbitrary attachments via a direct request.
Phpmyfaq Phpmyfaq
1 EDB exploit
5
CVSSv2
CVE-2014-6050
phpMyFAQ prior to 2.8.13 allows remote malicious users to bypass the CAPTCHA protection mechanism by replaying the request.
Phpmyfaq Phpmyfaq
1 EDB exploit
6.8
CVSSv2
CVE-2014-6046
Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyFAQ prior to 2.8.13 allow remote malicious users to hijack the authentication of unspecified users for requests that (1) delete active users by leveraging improper validation of CSRF tokens or that (2) delete open...
Phpmyfaq Phpmyfaq
1 EDB exploit
5
CVSSv2
CVE-2014-6047
phpMyFAQ prior to 2.8.13 allows remote authenticated users with certain permissions to read arbitrary attachments by leveraging incorrect "download an attachment" permission checks.
Phpmyfaq Phpmyfaq
1 EDB exploit
3.5
CVSSv2
CVE-2017-15727
In phpMyFAQ prior to 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment.
Phpmyfaq Phpmyfaq
1 EDB exploit
3.5
CVSSv2
CVE-2017-15728
In phpMyFAQ prior to 2.9.9, there is Stored Cross-site Scripting (XSS) via metaDescription or metaKeywords.
Phpmyfaq Phpmyfaq
6.8
CVSSv2
CVE-2017-15730
In phpMyFAQ prior to 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.
Phpmyfaq Phpmyfaq
1 EDB exploit
6.8
CVSSv2
CVE-2017-15732
In phpMyFAQ prior to 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
Phpmyfaq Phpmyfaq
6.8
CVSSv2
CVE-2017-15733
In phpMyFAQ prior to 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/ajax.attachment.php and admin/att.main.php.
Phpmyfaq Phpmyfaq
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
remote code execution
CVE-2024-37080
CVE-2024-5182
CVE-2024-4390
CVE-2024-6100
brute force
CVE-2021-47581
file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »