CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1756 matches found

OSV•added 2023/03/31 3:30 a.m.•13 views

GHSA-6CPG-GQGQ-2RRR phpMyFAQ Code Injection vulnerability

Code Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

5.4CVSS6.3AI score0.00201EPSS

Exploits1References4

Github Security Blog•added 2023/03/31 3:30 a.m.•18 views

phpMyFAQ Code Injection vulnerability

Code Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

6.3CVSS6.1AI score0.00201EPSS

Exploits1References4Affected Software1

OSV•added 2023/03/31 3:30 a.m.•12 views

GHSA-XWW4-W6FF-5Q3G thorsten/phpmyfaq vulnerable privilege escalation from improper privilege management

thorsten/phpmyfaq prior to 3.1.12 is vulnerable to privilege escalation from improper privilege management. Any user with the ability to add a new user can create a user with super admin rights. This has been fixed in 3.1.12...

8.8CVSS7.7AI score0.0036EPSS

Exploits1References4

NVD•added 2023/03/31 2:15 a.m.•14 views

CVE-2023-1761

Cross-site Scripting in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

6.3CVSS6.2AI score0.00201EPSS

Exploits1References2

NVD•added 2023/03/31 2:15 a.m.•10 views

CVE-2023-1759

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

4.8CVSS4.6AI score0.0023EPSS

Exploits1References2

NVD•added 2023/03/31 2:15 a.m.•8 views

CVE-2023-1760

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

8.1CVSS5.7AI score0.00315EPSS

Exploits1References2

NVD•added 2023/03/31 2:15 a.m.•14 views

CVE-2023-1762

Improper Privilege Management in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

8.8CVSS7.5AI score0.0036EPSS

Exploits1References2

Prion•added 2023/03/31 2:15 a.m.•10 views

Cross site scripting

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

5.8CVSS4.9AI score0.0023EPSS

Exploits1References2Affected Software1

Prion•added 2023/03/31 2:15 a.m.•10 views

Input validation

Improper Privilege Management in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

5.8CVSS8.8AI score0.0036EPSS

Exploits1References2Affected Software1

NVD•added 2023/03/31 1:15 a.m.•9 views

CVE-2023-1755

Cross-site Scripting XSS - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

8.4CVSS6AI score0.00435EPSS

Exploits1References2

NVD•added 2023/03/31 1:15 a.m.•11 views

CVE-2023-1754

Improper Neutralization of Input During Web Page Generation in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

4.7CVSS4.7AI score0.00304EPSS

Exploits1References2

Prion•added 2023/03/31 1:15 a.m.•8 views

Input validation

Improper Neutralization of Input During Web Page Generation in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

5.8CVSS4.8AI score0.00304EPSS

Exploits1References2Affected Software1

CVE•added 2023/03/31 12:0 a.m.•73 views

CVE-2023-1761

CVE-2023-1761 concerns a Cross-site Scripting (XSS) vulnerability in the GitHub repository for thorsten/phpMyFAQ, affecting versions prior to 3.1.12 . The vulnerability exists in the code path used to render user-controllable content, enabling an attacker to inject script in affected configuratio...

6.3CVSS5.4AI score0.00201EPSS

Exploits1References2Affected Software1

OSV•added 2023/03/31 12:0 a.m.•15 views

CVE-2023-1761 Cross-site Scripting in thorsten/phpmyfaq

Cross-site Scripting in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

6.3CVSS5.9AI score0.00201EPSS

Exploits1References4

Vulnrichment•added 2023/03/31 12:0 a.m.•6 views

CVE-2023-1753 Weak Password Requirements in thorsten/phpmyfaq

Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

5.5CVSS9.6AI score0.00288EPSS

Exploits1References2

Positive Technologies•added 2023/03/31 12:0 a.m.•1 views

PT-2023-17221 · Unknown · Thorsten/Phpmyfaq

Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.1.12 Description: The issue concerns Code Injection and Cross-site Scripting in the thorsten/phpmyfaq GitHub repository. Recommendations: For versions prior to 3.1.12, update to version 3.1.12 or later to...

6.3CVSS6AI score0.00201EPSS

Exploits1References8

Positive Technologies•added 2023/03/31 12:0 a.m.•2 views

PT-2023-17219 · Unknown · Thorsten/Phpmyfaq

Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.1.12 Description: The issue is related to Cross-site Scripting XSS - Stored, which occurs when an application stores user input without proper validation, allowing attackers to inject malicious scripts...

4.8CVSS4.5AI score0.0023EPSS

Exploits1References9

Positive Technologies•added 2023/03/31 12:0 a.m.•1 views

PT-2023-17214 · Phpmyfaq · Phpmyfaq

Name of the Vulnerable Software and Affected Versions: phpMyFAQ versions prior to 3.1.12 Description: The issue is related to improper neutralization of input during web page generation, which can also be described as improper input validation. This affects the GitHub repository thorsten/phpmyfaq...

4.7CVSS4.9AI score0.00304EPSS

Exploits1References9

Vulnrichment•added 2023/03/31 12:0 a.m.•6 views

CVE-2023-1755 Cross-site Scripting (XSS) - Generic in thorsten/phpmyfaq

Cross-site Scripting XSS - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

8.4CVSS5.3AI score0.00435EPSS

Exploits1References2

Vulnrichment•added 2023/03/31 12:0 a.m.•6 views

CVE-2023-1761 Cross-site Scripting in thorsten/phpmyfaq

Cross-site Scripting in GitHub repository thorsten/phpmyfaq prior to 3.1.12...

6.3CVSS6.2AI score0.00201EPSS

Exploits1References2