Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
phpmyfaq vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2017-14618
Cross-site scripting (XSS) vulnerability in inc/PMF/Faq.php in phpMyFAQ up to and including 2.9.8 allows remote malicious users to inject arbitrary web script or HTML via the Questions field in an "Add New FAQ" action.
Phpmyfaq Phpmyfaq
1 EDB exploit
6.1
CVSSv3
CVE-2017-14619
Cross-site scripting (XSS) vulnerability in phpMyFAQ up to and including 2.9.8 allows remote malicious users to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module.
Phpmyfaq Phpmyfaq
1 EDB exploit
NA
CVE-2006-6912
SQL injection vulnerability in phpMyFAQ 1.6.7 and previous versions allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, possibly the userfile or filename parameter.
Phpmyfaq Phpmyfaq
1 EDB exploit
NA
CVE-2006-6913
Unspecified vulnerability in phpMyFAQ 1.6.7 and previous versions allows remote malicious users to upload arbitrary PHP scripts via unspecified vectors.
Phpmyfaq Phpmyfaq
4.8
CVSSv3
CVE-2017-15728
In phpMyFAQ prior to 2.9.9, there is Stored Cross-site Scripting (XSS) via metaDescription or metaKeywords.
Phpmyfaq Phpmyfaq
8.8
CVSSv3
CVE-2017-15729
In phpMyFAQ prior to 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.
Phpmyfaq Phpmyfaq
8.8
CVSSv3
CVE-2017-15731
In phpMyFAQ prior to 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php.
Phpmyfaq Phpmyfaq
8.8
CVSSv3
CVE-2017-15732
In phpMyFAQ prior to 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
Phpmyfaq Phpmyfaq
8.8
CVSSv3
CVE-2017-15735
In phpMyFAQ prior to 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.
Phpmyfaq Phpmyfaq
8.8
CVSSv3
CVE-2017-15808
In phpMyFaq prior to 2.9.9, there is CSRF in admin/ajax.config.php.
Phpmyfaq Phpmyfaq
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »