11 matches found
GHSA-P9WC-4PJV-RG82 Duplicate Advisory: phpMyFAQ has SQL Injection in CurrentUser::setTokenData through unescaped OAuth token fields
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-pm8c-3qq3-72w7. This link is maintained to preserve external references. Original Description phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated...
Duplicate Advisory: phpMyFAQ has SQL Injection in CurrentUser::setTokenData through unescaped OAuth token fields
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-pm8c-3qq3-72w7. This link is maintained to preserve external references. Original Description phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated...
CVE-2026-46359
phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token claims. Attackers with Azure AD accounts containing SQL metacharacters in display names or JWT claims can break...
CVE-2026-46359 phpMyFAQ - SQL Injection in CurrentUser::setTokenData via Unescaped OAuth Token Fields
phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token claims. Attackers with Azure AD accounts containing SQL metacharacters in display names or JWT claims can break...
CVE-2026-46359
phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token claims. Attackers with Azure AD accounts containing SQL metacharacters in display names or JWT claims can break...
CVE-2026-46359 phpMyFAQ - SQL Injection in CurrentUser::setTokenData via Unescaped OAuth Token Fields
phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token claims. Attackers with Azure AD accounts containing SQL metacharacters in display names or JWT claims can break...
phpMyFAQ SQL注入漏洞
phpMyFAQ is a multilingual, database-driven FAQ system developed by Thorsten Rinne. Versions of phpMyFAQ prior to 4.1.2 had an SQL injection vulnerability. This vulnerability stems from the SQL injection in the CurrentUser::setTokenData function, which could allow authenticated attackers to execu...
phpMyFAQ has SQL Injection in CurrentUser::setTokenData through unescaped OAuth token fields
Summary CurrentUser::setTokenData in phpmyfaq/src/phpMyFAQ/User/CurrentUser.php at lines 515-534 builds a SQL UPDATE statement with sprintf and interpolates OAuth token fields refreshtoken, accesstoken, codeverifier, and jsonencode$token'jwt' without calling $db-escape. Sibling methods...
directory-validators (>=4.4.1 <=4.5.0), django-admin-caching (=0.1.3) +27 more potentially affected by CVE-2018-7536 via django (>=1.11.0 <=1.11.10)
django PYPI version =1.11.0, =4.4.1, =0.6.0, =0.5.0, =0.1.0, =1.0.0, =0.1.2, =0.2.0 - django-inline-actions =1.1.0 - django-mbrowse =0.0.1 - django-misa =0.0.1 - django-mogi =0.0.1 and more Source cves: CVE-2018-7536 Source advisory: OSV:GHSA-R28V-MW67-M5P9...
cosmicdb (>=0.0.19 <=0.0.24), directory-api-client (=9.15.2) +31 more potentially affected by CVE-2018-14574 via django (>=1.11.0 <=1.11.14)
django PYPI version =1.11.0, =0.0.19, =4.4.1, =0.6.0, =0.5.0, =0.1.0, =1.0.0, =0.1.2, =0.2.0 - django-inline-actions =1.1.0 - django-mbrowse =0.0.1 and more Source cves: CVE-2018-14574 Source advisory: OSV:PYSEC-2018-2...
CVE-2011-1008
ScripsOverlay.pm in Best Practical Solutions RT before 3.8.9 does not properly restrict access to a TicketObj in a Scrip after a CurrentUser change, which allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by custom-field value information,...