Lucene search
K

11 matches found

OSV
OSV
added 2026/05/15 9:31 p.m.8 views

GHSA-P9WC-4PJV-RG82 Duplicate Advisory: phpMyFAQ has SQL Injection in CurrentUser::setTokenData through unescaped OAuth token fields

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-pm8c-3qq3-72w7. This link is maintained to preserve external references. Original Description phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated...

7.7CVSS6AI score0.00212EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/05/15 9:31 p.m.9 views

Duplicate Advisory: phpMyFAQ has SQL Injection in CurrentUser::setTokenData through unescaped OAuth token fields

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-pm8c-3qq3-72w7. This link is maintained to preserve external references. Original Description phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated...

7.7CVSS6AI score0.00212EPSS
Exploits0References4Affected Software2
NVD
NVD
added 2026/05/15 7:17 p.m.23 views

CVE-2026-46359

phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token claims. Attackers with Azure AD accounts containing SQL metacharacters in display names or JWT claims can break...

7.7CVSS0.00212EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/15 6:36 p.m.8 views

CVE-2026-46359 phpMyFAQ - SQL Injection in CurrentUser::setTokenData via Unescaped OAuth Token Fields

phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token claims. Attackers with Azure AD accounts containing SQL metacharacters in display names or JWT claims can break...

7.7CVSS6.1AI score0.00212EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/15 6:36 p.m.12 views

CVE-2026-46359

phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token claims. Attackers with Azure AD accounts containing SQL metacharacters in display names or JWT claims can break...

7.5CVSS6.1AI score0.00212EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/15 6:36 p.m.47 views

CVE-2026-46359 phpMyFAQ - SQL Injection in CurrentUser::setTokenData via Unescaped OAuth Token Fields

phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token claims. Attackers with Azure AD accounts containing SQL metacharacters in display names or JWT claims can break...

7.7CVSS0.00212EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.10 views

phpMyFAQ SQL注入漏洞

phpMyFAQ is a multilingual, database-driven FAQ system developed by Thorsten Rinne. Versions of phpMyFAQ prior to 4.1.2 had an SQL injection vulnerability. This vulnerability stems from the SQL injection in the CurrentUser::setTokenData function, which could allow authenticated attackers to execu...

7.7CVSS6.1AI score0.00212EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/06 8:44 p.m.9 views

phpMyFAQ has SQL Injection in CurrentUser::setTokenData through unescaped OAuth token fields

Summary CurrentUser::setTokenData in phpmyfaq/src/phpMyFAQ/User/CurrentUser.php at lines 515-534 builds a SQL UPDATE statement with sprintf and interpolates OAuth token fields refreshtoken, accesstoken, codeverifier, and jsonencode$token'jwt' without calling $db-escape. Sibling methods...

7.7CVSS6.1AI score0.00212EPSS
Exploits0References4Affected Software2
vulnersOsv
vulnersOsv
added 2019/01/04 5:50 p.m.6 views

directory-validators (>=4.4.1 <=4.5.0), django-admin-caching (=0.1.3) +27 more potentially affected by CVE-2018-7536 via django (>=1.11.0 <=1.11.10)

django PYPI version =1.11.0, =4.4.1, =0.6.0, =0.5.0, =0.1.0, =1.0.0, =0.1.2, =0.2.0 - django-inline-actions =1.1.0 - django-mbrowse =0.0.1 - django-misa =0.0.1 - django-mogi =0.0.1 and more Source cves: CVE-2018-7536 Source advisory: OSV:GHSA-R28V-MW67-M5P9...

5.3CVSS6.7AI score0.04772EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2018/08/03 5:29 p.m.5 views

cosmicdb (>=0.0.19 <=0.0.24), directory-api-client (=9.15.2) +31 more potentially affected by CVE-2018-14574 via django (>=1.11.0 <=1.11.14)

django PYPI version =1.11.0, =0.0.19, =4.4.1, =0.6.0, =0.5.0, =0.1.0, =1.0.0, =0.1.2, =0.2.0 - django-inline-actions =1.1.0 - django-mbrowse =0.0.1 and more Source cves: CVE-2018-14574 Source advisory: OSV:PYSEC-2018-2...

6.1CVSS6.5AI score0.2549EPSS
Exploits0
NVD
NVD
added 2011/02/28 4:0 p.m.18 views

CVE-2011-1008

ScripsOverlay.pm in Best Practical Solutions RT before 3.8.9 does not properly restrict access to a TicketObj in a Scrip after a CurrentUser change, which allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by custom-field value information,...

4CVSS6.2AI score0.01533EPSS
Exploits0References15
Rows per page
Query Builder