Lucene search

5 matches found

Vulnrichment
added 2026/05/15 6:36 p.m. | 5 views

CVE-2026-46360 phpMyFAQ - Stored XSS via Entity Decoding Depth Limit Bypass in SVG Sanitizer

phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in SvgSanitizer::decodeAllEntities that limits recursive entity decoding to 5 iterations, allowing attackers to bypass sanitization. Authenticated users with FAQEDIT permission can upload malicious SVG files with deeply...

5.4 CVSS | 5.9 AI score | 0.00153 EPSS
Exploits 0 | References 2

Positive Technologies
added 2026/04/02 12:0 a.m. | 3 views

PT-2026-29784

phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the searchCustomPages method in phpmyfaq/src/phpMyFAQ/Search.php uses real_escape_string (via escape) to sanitize the search term before embedding it in LIKE clauses. However, real_escape_string does not escape SQL LIKE...

6.9 CVSS | 5.8 AI score | 0.00336 EPSS
Exploits 1 | References 3

CVE
added 2026/02/27 7:54 p.m. | 19 views

CVE-2026-27836

phpMyFAQ prior to v4.0.18 is vulnerable due to the WebAuthn prepare endpoint (/api/webauthn/prepare), which creates new active user accounts without authentication, CSRF protection, captcha, or config checks. This allows unauthenticated attackers to create unlimited user accounts even when regist...

7.5 CVSS | 5.9 AI score | 0.0041 EPSS
Exploits 1 | References 2 | Affected Software 1

CNNVD
added 2025/01/02 12:0 a.m. | 4 views

phpMyFAQ security vulnerability

phpMyFAQ is a multi-language, fully database-driven FAQ system by the individual developer Thorsten Rinne. A security vulnerability exists in phpMyFAQ version 3.2.10 up to and including version 4.0.2, which stems from malicious HTML content that can be injected into the FAQ editor, corrupting the...

7.6 CVSS | 6.3 AI score | 0.00396 EPSS
Exploits 1 | References 1

CNNVD
added 2023/04/05 12:0 a.m. | 3 views

phpMyFAQ security vulnerability

phpMyFAQ is a multi-language, fully database-driven FAQ system by the individual developer Thorsten Rinne. A security vulnerability exists in phpMyFAQ. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor announcement...

8.9 CVSS | 7.1 AI score | 0.00536 EPSS
Exploits 1 | References 3