1756 matches found
CVE-2025-62519 phpMyFAQ has Authenticated SQL Injection in Configuration Update Functionality
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.14, an authenticated SQL injection vulnerability in the main configuration update functionality of phpMyFAQ allows a privileged user with 'Configuration Edit' permissions to execute arbitrary SQL commands. Successful exploitatio...
CVE-2025-62519 phpMyFAQ has Authenticated SQL Injection in Configuration Update Functionality
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.14, an authenticated SQL injection vulnerability in the main configuration update functionality of phpMyFAQ allows a privileged user with 'Configuration Edit' permissions to execute arbitrary SQL commands. Successful exploitatio...
CVE-2025-62519
Summary: CVE-2025-62519 affects phpMyFAQ prior to 4.0.14, where an authenticated attacker with Configuration Edit permissions can exploit an SQL injection in the configuration update flow. The vulnerability stems from unsafely using user-supplied form keys as SQL identifiers in the update path (C...
CVE-2025-62519 phpMyFAQ has Authenticated SQL Injection in Configuration Update Functionality
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.14, an authenticated SQL injection vulnerability in the main configuration update functionality of phpMyFAQ allows a privileged user with 'Configuration Edit' permissions to execute arbitrary SQL commands. Successful exploitatio...
EUVD-2025-197804
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.14, an authenticated SQL injection vulnerability in the main configuration update functionality of phpMyFAQ allows a privileged user with 'Configuration Edit' permissions to execute arbitrary SQL commands. Successful exploitatio...
PT-2025-47176
Name of the Vulnerable Software and Affected Versions phpMyFAQ versions prior to 4.0.14 Description phpMyFAQ is an open source FAQ web application. A privileged user with 'Configuration Edit' permissions can execute arbitrary SQL commands due to an authenticated SQL injection flaw in the main...
phpMyFAQ SQL注入漏洞
phpMyFAQ is a multilingual, fully database-driven FAQ system by the individual developer Thorsten Rinne. A SQL injection vulnerability exists in versions prior to phpMyFAQ 4.0.14, which stems from an SQL injection that could lead to a complete database crack...
phpMyFAQ 4.0.7 < 4.0.13 Privilege Escalation Vulnerability (GHSA-9wj2-4hcm-r74j)
phpMyFAQ is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyfaq:phpmyfaq"; if...
CVE-2025-59943
phpMyFAQ is an open source FAQ web application. Versions 4.0-nightly-2025-10-03 and below do not enforce uniqueness of email addresses during user registration. This allows multiple distinct accounts to be created with the same email. Because email is often used as an identifier for password...
EUVD-2005-3049
Malware in sbrugna...
EUVD-2005-3731
Malware in sbrugna...
EUVD-2014-5937
Malware in sbrugna...
EUVD-2006-6896
Malware in sbrugna...
EUVD-2014-5938
Malware in sbrugna...
EUVD-2017-6119
Malware in sbrugna...
EUVD-2010-4524
Malware in sbrugna...
EUVD-2017-7231
Malware in sbrugna...
EUVD-2011-3740
Malware in sbrugna...
EUVD-2017-7155
Malware in sbrugna...
EUVD-2005-3047
Malware in sbrugna...