1756 matches found
CVE-2023-6889
Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.17...
CVE-2023-6889
Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.17...
Cross site scripting
Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.17...
CVE-2023-6890 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.17...
CVE-2023-6890
CVE-2023-6890 is a stored Cross‑site Scripting (XSS) vulnerability in the PHPMyFAQ project. The issue affects versions prior to 3.1.17 and stems from inadequate input filtering/escaping of user-supplied data, enabling an attacker to inject and execute arbitrary web script or HTML. The vulnerabili...
CVE-2023-6889 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.17...
CVE-2023-6889
CVE-2023-6889 is a stored Cross-site Scripting (XSS) vulnerability affecting phpMyFAQ versions prior to 3.1.17 (GitHub repository thorsten/phpmyfaq). The available connected documents consistently describe the flaw as a stored XSS issue in phpMyFAQ and reference public disclosures/advisories (inc...
PT-2023-32800 · Unknown · Thorsten/Phpmyfaq
Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.1.17 Description: The issue is related to Cross-site Scripting XSS - Stored, which occurs when an application stores user input without proper validation, allowing attackers to inject malicious scripts...
PT-2023-32801 · Unknown · Thorsten/Phpmyfaq
Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.1.17 Description: The issue is related to Cross-site Scripting XSS - Stored, which occurs when an application stores user input without proper validation and later displays it, allowing attackers to injec...
phpMyFAQ Cross-Site Scripting Vulnerability
phpMyFAQ is a multi-language, fully database-driven FAQ system by the individual developer Thorsten Rinne. A cross-site scripting vulnerability exists in versions prior to phpMyFAQ 3.1.17, which stems from vulnerability to stored cross-site scripting XSS attacks...
phpMyFAQ 跨站脚本漏洞
phpMyFAQ is a multi-language, fully database-driven FAQ system. A cross-site scripting vulnerability exists in versions prior to phpMyFAQ 3.1.17, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute...
FreeBSD : phpmyfaq -- multiple vulnerabilities (4f370c80-79ce-11ee-be8e-589cfc0f81b0)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 4f370c80-79ce-11ee-be8e-589cfc0f81b0 advisory. - Cross-site Scripting XSS - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.2.2...
phpMyFAQ Information Disclosure Vulnerability
phpMyFAQ is a multi-language, fully database-driven FAQ system. An information disclosure vulnerability exists in phpMyFAQ versions prior to 3.2.2, which stems from the presence of sensitive cookies in an HTTPS session, and can be exploited by an attacker to obtain sensitive information...
phpMyFAQ FileName parameter cross-site scripting vulnerability
phpMyFAQ is a multi-language, fully database-driven FAQ system. A cross-site scripting vulnerability exists in versions prior to phpMyFAQ 3.2.2, which stems from the lack of effective filtering and escaping of user-supplied data in the FileName parameter of the file attachment upload function, an...
phpMyFAQ action parameter cross-site scripting vulnerability
phpMyFAQ is a multi-language, fully database-driven FAQ system. A cross-site scripting vulnerability exists in versions prior to phpMyFAQ 3.2.2, which stems from the lack of effective filtering and escaping of user-supplied data in the action parameter of admin/index.php?action=, and can be...
phpMyFAQ Access Control Error Vulnerability
phpMyFAQ is a multi-language, fully database-driven FAQ system. An access control error vulnerability exists in versions prior to phpMyFAQ 3.2.2, which stems from the presence of insufficient session expiration. An attacker can exploit this vulnerability to still use old sessions...
phpMyFAQ < 3.2.2 Multiple Vulnerabilities
phpMyFAQ is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyfaq:phpmyfaq"; if description...
phpMyFAQ < 3.2.1 Multiple Vulnerabilities
phpMyFAQ is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyfaq:phpmyfaq"; if description...
Cross-site Scripting (XSS)
phpmyfaq is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the lack of HTML elements validation in login.php, which allows an attacker to inject and execute malicious JavaScript into the browser...
Cross-site Scripting (XSS)
phpmyfaq is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the lack of HTML elements validation in Faq.php, which allows an attacker to inject and execute malicious JavaScript in the browser...