CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1767 matches found

CNVD•added 2023/05/19 12:0 a.m.•7 views

phpMyFAQ cross-site scripting vulnerability (CNVD-2023-39428)

phpMyFAQ is a multi-language, fully database-driven FAQ system. A cross-site scripting vulnerability exists in versions prior to phpMyFAQ 3.2.0-beta. The vulnerability stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacke...

7.2CVSS6AI score0.0052EPSS

Exploits1References1

OpenVAS•added 2023/05/18 12:0 a.m.•12 views

phpMyFAQ < 3.2.0-beta Multiple XSS Vulnerabilities

phpMyFAQ is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.2CVSS6.8AI score0.0052EPSS

Exploits1References2

Github Security Blog•added 2023/05/17 9:30 a.m.•19 views

phpMyFAQ vulnerable to stored Cross-site Scripting

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta...

7.2CVSS6.1AI score0.00211EPSS

Exploits0References4Affected Software1

Github Security Blog•added 2023/05/17 9:30 a.m.•21 views

phpMyFAQ vulnerable to stored Cross-site Scripting

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta...

7.2CVSS6.1AI score0.0052EPSS

Exploits1References4Affected Software1

OSV•added 2023/05/17 9:30 a.m.•14 views

GHSA-J657-PJGC-C4H6 phpMyFAQ vulnerable to stored Cross-site Scripting

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta...

5.4CVSS5.4AI score0.0052EPSS

Exploits1References4

OSV•added 2023/05/17 9:30 a.m.•16 views

GHSA-VPPQ-6FF8-2M8W phpMyFAQ vulnerable to stored Cross-site Scripting

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta...

5.4CVSS5.5AI score0.00211EPSS

Exploits0References4

NVD•added 2023/05/17 8:15 a.m.•14 views

CVE-2023-2753

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta...

7.2CVSS5.8AI score0.00211EPSS

Exploits0References2

NVD•added 2023/05/17 8:15 a.m.•12 views

CVE-2023-2752

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta...

7.2CVSS5.8AI score0.0052EPSS

Exploits1References2

ATTACKERKB•added 2023/05/17 8:15 a.m.•2 views

CVE-2023-2752

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta...

7.2CVSS6.8AI score0.0052EPSS

Exploits1References3

Veracode•added 2023/05/17 7:42 a.m.•19 views

Cross-Site Scripting (XSS)

thorsten/phpmyfaq is vulnerable to Cross-Site Scripting XSS. The vulnerability exists in getAllLinkTagsById of Tags.php due to missing conversion of the tag field to html entities which allows an attacker to inject and execute arbitrary javascript...

4.8CVSS6.5AI score0.00243EPSS

Exploits1References4Affected Software1

Veracode•added 2023/05/17 7:36 a.m.•20 views

Cross-Site Scripting (XSS)

thorsten/phpmyfaq is vulnerable to Cross-Site Scripting XSS. The vulnerability exists in record.questions.php due to lack of sanitization of the user inputs of mail parameter which allows an attacker to inject and execute arbitrary javascript...

4.8CVSS6.5AI score0.0023EPSS

Exploits1References5Affected Software1

CNNVD•added 2023/05/17 12:0 a.m.•2 views

phpMyFAQ 跨站脚本漏洞

7.2CVSS5.9AI score0.0052EPSS

Exploits1References3

Vulnrichment•added 2023/05/17 12:0 a.m.•8 views

CVE-2023-2753 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta...

7.2CVSS6.2AI score0.00211EPSS

Exploits0References2

OSV•added 2023/05/17 12:0 a.m.•12 views

CVE-2023-2752 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta...

7.2CVSS6.7AI score0.0052EPSS

Exploits1References4

CVE•added 2023/05/17 12:0 a.m.•55 views

CVE-2023-2753

CVE-2023-2753 affects phpMyFAQ prior to 3.2.0-beta, with stored XSS in the FAQ module. The root cause is insufficient input sanitization leading to script injection via stored content (e.g., answers). Impact reported is cross-site scripting; exact exploitation details are not elaborated beyond th...

7.2CVSS5.4AI score0.00211EPSS

Exploits0References2Affected Software1

OSV•added 2023/05/17 12:0 a.m.•14 views

CVE-2023-2753 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta...

7.2CVSS6.7AI score0.00211EPSS

Exploits0References4

Vulnrichment•added 2023/05/17 12:0 a.m.•6 views

CVE-2023-2752 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta...

7.2CVSS5.3AI score0.0052EPSS

Exploits1References2

CVE•added 2023/05/17 12:0 a.m.•117 views

CVE-2023-2752

CVE-2023-2752 concerns a stored Cross-site Scripting (XSS) vulnerability in phpMyFAQ prior to 3.2.0-beta, due to insufficient input filtering/escaping in user-supplied data. The issue is evidenced across multiple sources (NVD/CNVD/OSV) referencing phpMyFAQ’s PHP-based FAQ application and the GitH...

7.2CVSS5.4AI score0.0052EPSS

Exploits1References2Affected Software1