phpMyFAQ 跨站脚本漏洞

phpMyFAQ is a multilingual, fully database-driven FAQ system by the individual developer Thorsten Rinne. A cross-site scripting vulnerability exists in phpMyFAQ versions prior to 3.1.11, which stems from stored cross-site scripting XSS...

CVE-2023-0788 Code Injection in thorsten/phpmyfaq

Code Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.11...

CVE-2023-0793 Weak Password Requirements in thorsten/phpmyfaq

Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11...

CVE-2023-0786

CVE-2023-0786 describes a Cross-site Scripting (XSS) vulnerability in the PHP/MyFAQ project thorsten/phpmyfaq prior to version 3.1.11. The affected software is thorsten/phpmyfaq; the issue is identified as XSS. Remediation suggested by the connected records is to upgrade to 3.1.11 or later. Other...

CVE-2023-0791

CVE-2023-0791 affects phpMyFAQ prior to 3.1.11 with a stored XSS vulnerability. Multiple connected sources (NVD, CNVD, GHSA, OSV, CNNVD, CVE listing) confirm a stored XSS in this version range. Remediation is to upgrade to 3.1.11 or later, as indicated by multiple references.

CVE-2023-0790

CVE-2023-0790 affects the PHPMyFAQ project, specifically versions prior to 3.1.11. The vulnerability is described as an uncaught exception in the GitHub repository thorsten/phpmyfaq. The available connected sources corroborate the issue and identify 3.1.11 as the fixed version. Impact details in ...

CVE-2023-0789 Command Injection in thorsten/phpmyfaq

Command Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.11...

phpMyFAQ 跨站脚本漏洞

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.11 are vulnerable to a cross-site scripting vulnerability that stems from stored cross-site scripting XSS. No detailed vulnerability details are currently available...

phpMyFAQ 跨站脚本漏洞

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.11 are vulnerable to a cross-site scripting vulnerability that originates from cross-site scripting XSS. No detailed vulnerability details are currently available...

CVE-2023-0793 Weak Password Requirements in thorsten/phpmyfaq

Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11...

CVE-2023-0786 Cross-site Scripting (XSS) - Generic in thorsten/phpmyfaq

Cross-site Scripting XSS - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.11...

CVE-2023-0788

CVE-2023-0788 affects phpMyFAQ before version 3.1.11 (thorsten/phpmyfaq). The vulnerability is a Code Injection in the application. Public records show a high-severity issue with CVSSv3.1: base score 9.8 (CRITICAL) per NVD, with network access, no user interaction, and high impact on confidential...

CVE-2023-0791 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.11...

CVE-2023-0794 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.11...

phpmyfaq -- multiple vulnerabilities

phpmyfaq developers report: a bypass to flood admin with FAQ proposals stored XSS in questions stored HTML injections weak passwords...

Cross-site Scripting (XSS)

phpmyfaq is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to missing conversions of HTML entities in the library, allowing an attacker to inject and execute malicious JavaScript...

Cross-site Scripting (XSS)

thorsten/phpmyfaq is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to missing checks on redirect values in index.php, allowing an attacker to inject and execute malicious JavaScript...

Cross-Site Scripting (XSS)

phpmyfaq is vulnerable to Cross-Site Scripting XSS. The vulnerability exists due to improper user input sanitization in add.php which allows an attacker to inject and execute arbitrary scripts...

Cross-Site Scripting (XSS)

phpmyfaq is vulnerable to Cross-Site Scripting XSS. The vulnerability exists due to improper sanitization of user inputs in index.php which allows an attacker to inject and execute arbitrary JavaScript...

Cross-Site Scripting (XSS)

thorsten/phpmyfaq is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper user input sanitization in record.comments.php which allows an attacker to inject and execute arbitrary scripts...