1764 matches found

CNNVD
added 2023/09/30 12:0 a.m. · 1 view

phpMyFAQ Code Issues Vulnerabilities

phpMyFAQ is a multi-language, fully database-driven FAQ system by the individual developer Thorsten Rinne. A code issue vulnerability exists in versions of phpMyFAQ prior to 3.1.18, which stems from not restricting the types of files that can be uploaded...

9.8 CVSS · 7 AI score · 0.00405 EPSS
Exploits 0 · References 3

CNNVD
added 2023/09/30 12:0 a.m. · 1 view

phpMyFAQ Cross-Site Scripting Vulnerability

phpMyFAQ is a multi-language, fully database-driven FAQ system by the individual developer Thorsten Rinne. A cross-site scripting vulnerability exists in phpMyFAQ versions prior to 3.1.18. An attacker can exploit this vulnerability to perform cross-site scripting attacks...

8.3 CVSS · 6.1 AI score · 0.00099 EPSS
Exploits 0 · References 3

Positive Technologies
added 2023/09/29 12:0 a.m. · 1 view

PT-2023-31952 · Unknown · Thorsten/Phpmyfaq

Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.1.8 Description: The issue is related to the unrestricted upload of files with dangerous types in the thorsten/phpmyfaq GitHub repository. Recommendations: For versions prior to 3.1.8, update to version...

9.8 CVSS · 6.5 AI score · 0.00405 EPSS
Exploits 0 · References 9

Positive Technologies
added 2023/09/29 12:0 a.m. · 1 view

PT-2023-32040 · Unknown · Thorsten/Phpmyfaq

Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.1.18 Description: The issue is related to Cross-site Scripting XSS - DOM, which allows attackers to execute malicious scripts in the context of the victim's browser. This can lead to unauthorized access t...

9 CVSS · 7.2 AI score · 0.00544 EPSS
Exploits 0 · References 9

Positive Technologies
added 2023/09/29 12:0 a.m. · 1 view

PT-2023-32036 · Thorsten · Phpmyfaq

Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.1.18 Description: The issue is related to Cross-site Scripting XSS - DOM, which allows an attacker to execute malicious scripts in the browser of a user. This can lead to unauthorized access to sensitive...

9.1 CVSS · 7.2 AI score · 0.00287 EPSS
Exploits 0 · References 9

Positive Technologies
added 2023/09/29 12:0 a.m. · 1 view

PT-2023-32037 · Unknown · Thorsten/Phpmyfaq

Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.1.18 Description: The issue is related to Cross-site Scripting XSS - Stored, which affects the thorsten/phpmyfaq GitHub repository. Recommendations: For versions prior to 3.1.18, update to version 3.1.18 ...

6.3 CVSS · 5.7 AI score · 0.00065 EPSS
Exploits 0 · References 9

Positive Technologies
added 2023/09/29 12:0 a.m. · 1 view

PT-2023-32039 · Unknown · Thorsten/Phpmyfaq

Name of the Vulnerable Software and Affected Versions: thorsten/phpmyfaq versions prior to 3.1.18 Description: The issue is related to Cross-site Scripting XSS - Stored, which occurs when an application stores user input without proper validation and later displays it, allowing attackers to injec...

8.3 CVSS · 5.9 AI score · 0.00099 EPSS
Exploits 0 · References 9

Tenable Nessus
added 2023/08/23 12:0 a.m. · 8 views

FreeBSD : phpmyfaq -- multiple vulnerabilities (ddd3fcc9-2bdd-11ee-9af4-589cfc0f81b0)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ddd3fcc9-2bdd-11ee-9af4-589cfc0f81b0 advisory. - phpmyfaq developers report: Cross Site Scripting vulnerability CSV injection vulnerability...

5.6 AI score
Exploits 0 · References 3

BDU FSTEC
added 2023/08/07 12:0 a.m. · 0 views

The vulnerability of the phpMyFAQ web application lies in the absence of a mechanism to neutralize certain elements. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the phpMyFAQ web application is related to the absence of element neutralization mechanisms. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures using a specially crafted CSV file...

9 CVSS · 0.00143 EPSS
Exploits 0 · References 3 · Affected Software 1

Veracode
added 2023/08/02 6:15 a.m. · 15 views

Stored Cross-site Scripting (XSS)

phpmyfaq is vulnerable to Cross-site Scripting. The vulnerability exists due to a lack of validation in the user input of Link.php, which allows an attacker to inject and execute malicious JavaScript into the browser...

5.4 CVSS · 6.9 AI score · 0.00124 EPSS
Exploits 0 · References 3 · Affected Software 2

Veracode
added 2023/08/02 5:53 a.m. · 16 views

CSV Injection

phpmyfaq is vulnerable to CSV injection attacks. The vulnerability exists due to a lack of sanitization of formula elements in a CSV file, which allows attackers to inject a CSV payload and execute it when an administrator opens the CSV file...

9.8 CVSS · 7.3 AI score · 0.00143 EPSS
Exploits 0 · References 3 · Affected Software 2

OSV
added 2023/07/31 3:30 a.m. · 16 views

GHSA-2XVX-368H-QCMV phpMyFAQ Improper Neutralization of Formula Elements in a CSV File vulnerability

Improper Neutralization of Formula Elements in a CSV File in GitHub repository thorsten/phpmyfaq prior to 3.1.16...

8.8 CVSS · 9.2 AI score · 0.00143 EPSS
Exploits 0 · References 4

OSV
added 2023/07/31 3:30 a.m. · 11 views

GHSA-Q9VM-29PH-P7MP phpMyFAQ Stored Cross-site Scripting vulnerability

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.16...

8.8 CVSS · 5.5 AI score · 0.00124 EPSS
Exploits 0 · References 4

GitHub Security Blog
added 2023/07/31 3:30 a.m. · 13 views

phpMyFAQ Improper Neutralization of Formula Elements in a CSV File vulnerability

Improper Neutralization of Formula Elements in a CSV File in GitHub repository thorsten/phpmyfaq prior to 3.1.16...

9.8 CVSS · 6.9 AI score · 0.00143 EPSS
Exploits 0 · References 4 · Affected Software 1

NVD
added 2023/07/31 1:15 a.m. · 11 views

CVE-2023-4007

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.16...

8.8 CVSS · 6 AI score · 0.00124 EPSS
Exploits 0 · References 2

NVD
added 2023/07/31 1:15 a.m. · 11 views

CVE-2023-4006

Improper Neutralization of Formula Elements in a CSV File in GitHub repository thorsten/phpmyfaq prior to 3.1.16...

9.8 CVSS · 9.1 AI score · 0.00143 EPSS
Exploits 0 · References 2

Prion
added 2023/07/31 1:15 a.m. · 13 views

Input validation

Improper Neutralization of Formula Elements in a CSV File in GitHub repository thorsten/phpmyfaq prior to 3.1.16...

6.5 CVSS · 9.5 AI score · 0.00143 EPSS
Exploits 0 · References 2 · Affected Software 1

Cvelist
added 2023/07/31 12:0 a.m. · 17 views

CVE-2023-4007 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.16...

8.8 CVSS · 5.8 AI score · 0.00124 EPSS
Exploits 0 · References 2

Vulnrichment
added 2023/07/31 12:0 a.m. · 10 views

CVE-2023-4007 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.16...

8.8 CVSS · 5.9 AI score · 0.00124 EPSS
Exploits 0 · References 2

OSV
added 2023/07/31 12:0 a.m. · 11 views

CVE-2023-4007 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.16...

8.8 CVSS · 7.5 AI score · 0.00124 EPSS
Exploits 0 · References 4