PT-2023-17308 · Thorsten · Phpmyfaq

Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.1.12 Description: The issue is related to Cross-site Scripting XSS, specifically reflected and stored XSS. It occurs because the software fails to properly sanitize user input in the artlang parameter. Th...

phpMyFAQ 安全漏洞

phpMyFAQ is a multi-language, fully database-driven FAQ system by the individual developer Thorsten Rinne. A security vulnerability exists in phpMyFAQ. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor announcement...

CVE-2023-1885 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

CVE-2023-1758 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in thorsten/phpmyfaq

Failure to Sanitize Special Elements into a Different Plane Special Element Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

CVE-2023-1756

CVE-2023-1756 affects the PHPMyFAQ project by a stored XSS flaw in thorsten/phpmyfaq versions prior to 3.1.12, arising from unsanitized user input during HTML export. The issue is documented as a stored XSS vulnerability and is specifically tied to the HTML export feature, with fixed remediation ...

CVE-2023-1758

CVE-2023-1758 affects thorsten/phpmyfaq (phpMyFAQ) prior to version 3.1.12. The issue is a failure to sanitize special elements into a different plane, which enables stored cross-site scripting (XSS) via the FAQ comment username parameter. The vulnerability is documented by multiple sources (GitH...

CVE-2023-1883 Improper Access Control in thorsten/phpmyfaq

Improper Access Control in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

CVE-2023-1878

The CVE-2023-1878 issue concerns thorsten/phpmyfaq versions prior to 3.1.12, where a stored XSS vulnerability exists in the adminlog due to unsanitized input. Exploitation could allow an attacker to execute script in a victim’s browser when adminlog data is viewed. The vulnerability is fixed in v...

CVE-2023-1884 Cross-site Scripting (XSS) - Generic in thorsten/phpmyfaq

Cross-site Scripting XSS - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

CVE-2023-1885 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

CVE-2023-1883 Improper Access Control in thorsten/phpmyfaq

Improper Access Control in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

PT-2023-17312 · Unknown · Thorsten/Phpmyfaq

Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.1.12 Description: The issue is related to Cross-site Scripting XSS due to the failure to sanitize user input in the stopword parameter. This allows for potential exploitation. The estimated number of...

CVE-2023-1882 Cross-site Scripting (XSS) - DOM in thorsten/phpmyfaq

Cross-site Scripting XSS - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

PT-2023-17216 · Unknown · Thorsten/Phpmyfaq

Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.1.12 Description: The issue is related to stored Cross-site Scripting XSS due to the failure to sanitize user input in the FAQ site while generating an HTML Export. Recommendations: For versions prior to...

phpMyFAQ 跨站脚本漏洞

phpMyFAQ is a multi-language, fully database-driven FAQ system by Thorsten Rinne, a personal developer. A cross-site scripting vulnerability exists in phpMyFAQ. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor announcement...

phpMyFAQ 跨站脚本漏洞

phpMyFAQ is a multi-language, fully database-driven FAQ system by the individual developer Thorsten Rinne. A cross-site scripting vulnerability exists in phpMyFAQ versions prior to 3.1.12. An attacker can exploit this vulnerability to perform cross-site scripting attacks...

CVE-2023-1884 Cross-site Scripting (XSS) - Generic in thorsten/phpmyfaq

Cross-site Scripting XSS - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

PT-2023-17313 · Unknown · Thorsten/Phpmyfaq

Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.1.12 Description: The issue is related to stored Cross-site Scripting XSS due to the failure to sanitize user input in the category field name parameter. This allows for the storage of malicious scripts...

phpMyFAQ 跨站脚本漏洞

phpMyFAQ is a multi-language, fully database-driven FAQ system by the individual developer Thorsten Rinne. A cross-site scripting vulnerability exists in phpMyFAQ versions prior to 3.1.12. An attacker can exploit this vulnerability to perform cross-site scripting attacks...

phpMyFAQ 跨站脚本漏洞

phpMyFAQ is a multi-language, fully database-driven FAQ system by the individual developer Thorsten Rinne. A cross-site scripting vulnerability exists in phpMyFAQ versions prior to 3.1.12, which stems from the presence of a stored cross-site scripting XSS vulnerability...