Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1756 matches found

Veracode
Veracodeadded 2017/09/29 9:50 a.m.20 views

Cross-site Scripting (XSS)

phpMyFaq is vulnerable to cross-site scripting XSS attacks. The library does not properly sanitize the questions field when entering a new question through inc/PMF/Faq.php, allowing a malicious user to inject arbitrary web script through it. The web script is then executed when a user clicks on t...

4.8CVSS5.4AI score0.00552EPSS
Exploits5References5Affected Software1
CNVD
CNVDadded 2017/09/21 12:0 a.m.1 views

phpMyFAQ cross-site scripting vulnerability (CNVD-2017-34019)

phpMyFAQ is phpMyFAQ team developed a set of open source fully database-driven FAQ question and answer system . The system supports multiple languages, multiple databases, etc., and includes modules such as content management system and community. A cross-site scripting vulnerability exists in...

6.1CVSS6AI score0.01062EPSS
Exploits4References1
Exploit DB
Exploit DBadded 2017/09/21 12:0 a.m.40 views

PHPMyFAQ 2.9.8 - Cross-Site Scripting (1)

Exploit Title: phpMyFAQ 2.9.8 Stored XSS Vendor Homepage: http://www.phpmyfaq.de/ Software Link: http://download.phpmyfaq.de/phpMyFAQ-2.9.8.zip Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: webapps CVE: CVE-2017-1461...

4.8CVSS5.8AI score0.00552EPSS
Exploits5
OpenVAS
OpenVASadded 2017/09/21 12:0 a.m.44 views

phpMyFAQ < 2.9.9 Multiple XSS And CSRF Vulnerabilities

phpMyFAQ is prone to multiple cross-site scripting XSS and cross-site request forgery CSRF vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

8.8CVSS7.6AI score0.01062EPSS
Exploits16References3
Packet Storm
Packet Stormadded 2017/09/21 12:0 a.m.40 views

phpMyFAQ 2.9.8 Cross Site Scripting

Exploit Title: phpMyFAQ 2.9.8 Stored XSS Vendor Homepage: http://www.phpmyfaq.de/ Software Link: http://download.phpmyfaq.de/phpMyFAQ-2.9.8.zip Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: webapps CVE: CVE-2017-1461...

5.5AI score0.00552EPSS
Exploits5
0day.today
0day.todayadded 2017/09/21 12:0 a.m.39 views

PHPMyFAQ 2.9.8 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: phpMyFAQ 2.9.8 Stored XSS Vendor Homepage: http://www.phpmyfaq.de/ Software Link: http://download.phpmyfaq.de/phpMyFAQ-2.9.8.zip Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website:...

3.5CVSS6.1AI score0.00552EPSS
Exploits5
exploitpack
exploitpackadded 2017/09/21 12:0 a.m.31 views

PHPMyFAQ 2.9.8 - Cross-Site Scripting (1)

PHPMyFAQ 2.9.8 - Cross-Site Scripting 1 Exploit Title: phpMyFAQ 2.9.8 Stored XSS Vendor Homepage: http://www.phpmyfaq.de/ Software Link: http://download.phpmyfaq.de/phpMyFAQ-2.9.8.zip Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website:...

3.5CVSS0.00552EPSS
Exploits5
Prion
Prionadded 2017/09/20 9:29 p.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in inc/PMF/Faq.php in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the Questions field in an "Add New FAQ" action...

3.5CVSS5.2AI score0.00552EPSS
Exploits5References3Affected Software1
OSV
OSVadded 2017/09/20 9:29 p.m.30 views

CVE-2017-14618

Cross-site scripting XSS vulnerability in inc/PMF/Faq.php in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the Questions field in an "Add New FAQ" action...

4.8CVSS5.7AI score
Exploits0References3
NVD
NVDadded 2017/09/20 9:29 p.m.20 views

CVE-2017-14619

Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module...

6.1CVSS6AI score0.01062EPSS
Exploits4References4
Prion
Prionadded 2017/09/20 9:29 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module...

4.3CVSS6AI score0.01062EPSS
Exploits4References4Affected Software1
OSV
OSVadded 2017/09/20 9:29 p.m.17 views

CVE-2017-14619

Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module...

6.1CVSS5.7AI score
Exploits0References4
NVD
NVDadded 2017/09/20 9:29 p.m.18 views

CVE-2017-14618

Cross-site scripting XSS vulnerability in inc/PMF/Faq.php in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the Questions field in an "Add New FAQ" action...

4.8CVSS5.7AI score0.00552EPSS
Exploits5References3
CVE
CVEadded 2017/09/20 9:0 p.m.80 views

CVE-2017-14619

CVE-2017-14619 affects phpMyFAQ &lt;= 2.9.8. The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary script/HTML via the "Title of your FAQ" field in the Configuration Module. Multiple connected sources corroborate a stored/reflected-like XSS path i...

6.1CVSS6AI score0.01062EPSS
Exploits4References4Affected Software1
Cvelist
Cvelistadded 2017/09/20 9:0 p.m.25 views

CVE-2017-14618

Cross-site scripting XSS vulnerability in inc/PMF/Faq.php in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the Questions field in an "Add New FAQ" action...

5.5AI score0.00552EPSS
Exploits5References3
Cvelist
Cvelistadded 2017/09/20 9:0 p.m.19 views

CVE-2017-14619

Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module...

6.2AI score0.01062EPSS
Exploits4References4
CVE
CVEadded 2017/09/20 9:0 p.m.79 views

CVE-2017-14618

CVE-2017-14618 is a documented XSS vulnerability in phpMyFAQ up to version 2.9.8. The flaw resides in inc/PMF/Faq.php, allowing an attacker to inject arbitrary web script or HTML via the Questions field in an Add New FAQ action. Public references (Exploit-DB and packetstorm) confirm a stored XSS ...

4.8CVSS5AI score0.00552EPSS
Exploits5References3Affected Software1
FreeBSD
FreeBSDadded 2017/09/20 12:0 a.m.28 views

phpmyfaq -- multiple issues

phpmyfaq developers report: Cross-site scripting XSS vulnerability in inc/PMF/Faq.php in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the Questions field in an "Add New FAQ" action. Cross-site scripting XSS vulnerability in phpMyFAQ through 2.9.8 allow...

5.9AI score
Exploits0References2
Veracode
Veracodeadded 2017/07/14 10:51 a.m.18 views

Cross-site Request Forgery (CSRF)

phpMyFAQ is vulnerable to cross-site request forgery CSRF. The library does not properly escape certain strings, allowing a malicious website to change a user's settings...

6.8CVSS6AI score0.00386EPSS
Exploits0References8Affected Software1
Veracode
Veracodeadded 2017/07/13 2:4 a.m.15 views

Brute Force Attacks

phpMyFAQ is vulnerable to brute force attacks. The library does not lockout an account after too many failed attempts, allowing a malicious user to brute force a password to an account...

9.8CVSS9.2AI score0.00268EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder