Lucene search
K

1811 matches found

Nuclei
Nuclei
added 9 hours ago51 views

phpMyFAQ < 3.2.0 - Cross-site Scripting

Cross-site Scripting XSS Reflected in GitHub repository thorsten/phpmyfaq prior to 3.2.2. id: CVE-2023-5863 info: name: phpMyFAQ ' - 'phpMyFAQ' condition: and - type: word part: header words: - "text...

7.4CVSS6.7AI score0.01105EPSS
Exploits1References2
Nuclei
Nuclei
added 9 hours ago52 views

Phpmyfaq v3.1.11 - Cross-Site Scripting

Phpmyfaq v3.1.11 is vulnerable to reflected XSS in send2friend because the 'artlang' parameter is not sanitized. id: CVE-2023-1880 info: name: Phpmyfaq v3.1.11 - Cross-Site Scripting author: r3Y3r53 severity: medium description: | Phpmyfaq v3.1.11 is vulnerable to reflected XSS in send2friend...

8.3CVSS6.7AI score0.01644EPSS
Exploits1References3
Nuclei
Nuclei
added 9 hours ago17 views

phpMyFAQ < 3.1.8 - Cross-Site Scripting

phpMyFAQ versions prior to 3.1.8 contain a reflected cross-site scripting vulnerability in the search functionality. The application fails to properly sanitize user input in the search parameter, allowing attackers to inject and execute malicious JavaScript code in the context of other users'...

7.3CVSS6.8AI score0.05743EPSS
Exploits3References3
Nuclei
Nuclei
added 9 hours ago13 views

phpMyFAQ - Configuration Backup Disclosure

phpMyFAQ = 4.0.16 contains an information disclosure vulnerability caused by unauthenticated access to configuration backup ZIP generation and download, letting remote attackers access sensitive configuration files, exploit requires no authentication. id: CVE-2025-69200 info: name: phpMyFAQ -...

7.5CVSS6.1AI score0.02005EPSS
Exploits1References3
Nuclei
Nuclei
added 9 hours ago17 views

phpMyFAQ <= 4.1.1 - SQL Injection

phpMyFAQ before 4.1.2 contains an unauthenticated SQL injection vulnerability in BuiltinCaptcha::garbageCollector and BuiltinCaptcha::saveCaptcha methods that interpolate unsanitized User-Agent headers into DELETE and INSERT queries. Unauthenticated attackers can exploit the public GET /api/captc...

9.8CVSS6.1AI score0.01709EPSS
Exploits0References3
NVD
NVD
added 3 days ago7 views

CVE-2026-57994

phpMyFAQ before 4.1.5 applies inconsistent active=yes and publication-date filtering across its public FAQ API endpoints, allowing unauthenticated attackers to retrieve inactive draft or review-only FAQ content. Specifically, GET /api/v3.1/faq/categoryId/faqId returns the inactive FAQ title and...

6.9CVSS0.00214EPSS
Exploits0References2
CVE
CVE
added 3 days ago8 views

CVE-2026-57994

phpMyFAQ is affected: versions before 4.1.5 expose inactive content through public API endpoints due to inconsistent active flag and publication-date filtering. Specifically, GET /api/v3.1/faq/{categoryId}/{faqId} returns inactive title and full answer, while GET /api/v3.1/faqs/tags/{tagId} and G...

6.9CVSS6.1AI score0.00214EPSS
Exploits0References2
CVE
CVE
added 3 days ago6 views

CVE-2026-57961

phpMyFAQ قبل 4.1.5 contains an authenticated path traversal in Export/Pdf/Wrapper.php (concatenatePaths). An FAQ editor can inject HTML that includes crafted image paths; the code uses strpos() to locate the substring “content” in a user-controlled path, and if “content” is absent the result beco...

5.1CVSS6.1AI score0.0027EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-42892

phpMyFAQ before 4.1.5 applies inconsistent active=yes and publication-date filtering across its public FAQ API endpoints, allowing unauthenticated attackers to retrieve inactive draft or review-only FAQ content. Specifically, GET /api/v3.1/faq/categoryId/faqId returns the inactive FAQ title and...

6.9CVSS6.1AI score0.00214EPSS
Exploits0References2
EUVD
EUVD
added 3 days ago7 views

EUVD-2026-42891

phpMyFAQ before 4.1.5 contains a potential authenticated path traversal vulnerability in the concatenatePaths function within src/phpMyFAQ/Export/Pdf/Wrapper.php. A user with FAQ editing privileges can store HTML containing crafted image paths that are processed during PDF generation. The path...

5.1CVSS6.1AI score0.0027EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-57961 phpMyFAQ - Authenticated Path Traversal in PDF Export via concatenatePaths Function

phpMyFAQ before 4.1.5 contains a potential authenticated path traversal vulnerability in the concatenatePaths function within src/phpMyFAQ/Export/Pdf/Wrapper.php. A user with FAQ editing privileges can store HTML containing crafted image paths that are processed during PDF generation. The path...

5.1CVSS0.0027EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-57994 phpMyFAQ - Information Disclosure of Inactive FAQ Content via Public API Endpoints

phpMyFAQ before 4.1.5 applies inconsistent active=yes and publication-date filtering across its public FAQ API endpoints, allowing unauthenticated attackers to retrieve inactive draft or review-only FAQ content. Specifically, GET /api/v3.1/faq/categoryId/faqId returns the inactive FAQ title and...

6.9CVSS0.00214EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 12:34 a.m.12 views

EUVD-2026-40454

phpMyFAQ before 4.1.5 contains a privilege escalation vulnerability in GroupController::updatePermissions that allows GROUPEDIT administrators to grant arbitrary rights to groups without verifying they hold those rights themselves. A delegated administrator can exploit this by assigning high-valu...

8.8CVSS5.8AI score0.00325EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/30 10:8 p.m.25 views

CVE-2026-57995 phpMyFAQ - Privilege Escalation via Missing Self-Rights Constraint in GroupController::updatePermissions

phpMyFAQ before 4.1.5 contains a privilege escalation vulnerability in GroupController::updatePermissions that allows GROUPEDIT administrators to grant arbitrary rights to groups without verifying they hold those rights themselves. A delegated administrator can exploit this by assigning high-valu...

8.8CVSS0.00325EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:8 p.m.23 views

CVE-2026-57995

phpMyFAQ

8.8CVSS5.8AI score0.00325EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:8 p.m.4 views

CVE-2026-57995

phpMyFAQ before 4.1.5 contains a privilege escalation vulnerability in GroupController::updatePermissions that allows GROUPEDIT administrators to grant arbitrary rights to groups without verifying they hold those rights themselves. A delegated administrator can exploit this by assigning high-valu...

8.8CVSS5.8AI score0.00325EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-54050

Name of the Vulnerable Software and Affected Versions phpMyFAQ versions prior to 4.1.5 Description An issue exists in the updatePermissions function within the GroupController that allows administrators with GROUP EDIT privileges to grant arbitrary rights to groups without verifying if they posse...

8.8CVSS6.2AI score0.00325EPSS
Exploits0References6
OSV
OSV
added 2026/06/26 9:23 p.m.3 views

GHSA-985R-Q3QP-299H phpMyFAQ has an incomplete fix for GHSA-xvp4-phqj-cjr3 — editUser() and updateUserRights() lack authorization guards

Advisory / Disclosure phpMyFAQ 4.1.3 — incomplete fix for the admin-API IDOR/privilege-escalation class Target: thorsten/phpMyFAQ composer: thorsten/phpmyfaq, phpmyfaq/phpmyfaq Affected: "Only SuperAdmins may change other users' attributes. Self-service is always allowed." and "a non-SuperAdmin...

8.1CVSS6AI score0.00251EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/23 10:27 p.m.11 views

EUVD-2026-37954

phpMyFAQ: Missing userHasPermission in 4 API write endpoints CVE-2026-24421 Incomplete Fix...

6.5CVSS5.8AI score0.01734EPSS
Exploits3References3
EUVD
EUVD
added 2026/06/23 10:2 p.m.13 views

EUVD-2026-35091

phpMyFAQ has Weak Cryptography - SHA1 for Password Hashing...

6.9CVSS5.8AI score0.00182EPSS
Exploits0References3
Rows per page
Query Builder