1756 matches found
CVE-2023-5865 Insufficient Session Expiration in thorsten/phpmyfaq
Insufficient Session Expiration in GitHub repository thorsten/phpmyfaq prior to 3.2.2...
CVE-2023-5863 Cross-site Scripting (XSS) - Reflected in thorsten/phpmyfaq
Cross-site Scripting XSS - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.2.2...
CVE-2023-5863 Cross-site Scripting (XSS) - Reflected in thorsten/phpmyfaq
Cross-site Scripting XSS - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.2.2...
CVE-2023-5863
CVE-2023-5863 is a reflected XSS vulnerability in phpMyFAQ prior to 3.2.2. The issue arises from insufficient filtering/escaping in the action parameter of admin/index.php?action=, allowing an attacker to inject script via reflected input. Exploitation can enable arbitrary Web script execution or...
CVE-2023-5864
CVE-2023-5864 concerns a Cross-site Scripting (XSS) vulnerability in phpMyFAQ (Thorsten/phpMyFAQ). Affected software is phpMyFAQ versions prior to 3.2.1 (some sources reference 3.2.1/3.2.2 as thresholds). The issue is stored XSS via user-controllable input that is stored and later rendered to oth...
CVE-2023-5864 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.1...
CVE-2023-5863 Cross-site Scripting (XSS) - Reflected in thorsten/phpmyfaq
Cross-site Scripting XSS - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.2.2...
CVE-2023-5864 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.1...
CVE-2023-5864 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq
Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.1...
phpMyFAQ 安全漏洞
phpMyFAQ is a multi-language, fully database-driven FAQ system. An information disclosure vulnerability exists in phpMyFAQ versions prior to 3.2.2, which stems from the presence of sensitive cookies in an HTTPS session, and can be exploited by an attacker to obtain sensitive information...
phpMyFAQ 跨站脚本漏洞
phpMyFAQ is a multi-language, fully database-driven FAQ system. A cross-site scripting vulnerability exists in versions prior to phpMyFAQ 3.2.2, which stems from the lack of effective filtering and escaping of user-supplied data in the FileName parameter of the file attachment upload function, an...
PT-2023-32384 · Phpmyfaq · Phpmyfaq
Name of the Vulnerable Software and Affected Versions: phpmyfaq versions prior to 3.2.2 Description: The issue is related to insufficient session expiration. Recommendations: For versions prior to 3.2.2, update to version 3.2.2 or later to resolve the issue...
phpMyFAQ 跨站脚本漏洞
phpMyFAQ is a multi-language, fully database-driven FAQ system. A cross-site scripting vulnerability exists in versions prior to phpMyFAQ 3.2.2, which stems from the lack of effective filtering and escaping of user-supplied data in the action parameter of admin/index.php?action=, and can be...
phpmyfaq -- multiple vulnerabilities
phpmyfaq developers report: XSS Insufficient session expiration...
phpMyFAQ 代码问题漏洞
phpMyFAQ is a multi-language, fully database-driven FAQ system. An access control error vulnerability exists in versions prior to phpMyFAQ 3.2.2, which stems from the presence of insufficient session expiration. An attacker can exploit this vulnerability to still use old sessions...
phpMyFAQ Cross-Site Scripting Vulnerability
phpMyFAQ is a multi-language, fully database-driven FAQ system by the individual developer Thorsten Rinne. A cross-site scripting vulnerability exists in versions prior to phpMyFAQ 3.2.2, which stems from vulnerability to stored cross-site scripting XSS attacks...
PT-2023-32383 · Thorsten · Phpmyfaq
Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.2.1 Description: The issue is related to Cross-site Scripting XSS - Stored, which means an attacker can inject malicious scripts into the application, potentially affecting users who access the compromise...
Cross-Site Scripting (XSS)
thorsten/phpmyfaq is vulnerable to Cross Site Scripting. The vulnerability is due to a lack of url sanitization in instances.php which allow an attacker to pass a malicious URL...
Unrestricted File Upload
thorsten/phpmyfaq is vulnerable to Unrestricted File Upload. The vulnerability is due to the system allowing the upload of arbitrary files without validating the MIME type. An attacker can exploit this issue by uploading malicious files to the server, potentially leading to remote code execution...
Cross Site Scripting
thorsten/phpmyfaq is vulnerable to Cross Site Scripting. The vulnerability is due to improper sanitization of data. This can be exploited by an attacker to inject malicious JavaScript into the web application...