CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. phpMyFAQ's user removal page allows an attacker to spoof another user's detail, and in turn make a compelling phishing case for removing another user's account. The front-end of this page doesn'...

6.5CVSS6.7AI score0.00285EPSS

Exploits1References1

Veracode•added 2024/03/29 9:16 a.m.•10 views

Path Traversal

phpmyfaq is vulnerable to Path Traversal. The vulnerability is due to improper validation / sanitisation on user input file paths. The vulnerability allows attackers with admin rights to upload malicious files to other locations of the web root, resulting in path traversal...

3.8CVSS6.6AI score0.0063EPSS

Exploits1References2Affected Software2

NVD•added 2005/03/07 5:0 a.m.•13 views

CVE-2005-0702

SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote attackers to add FAQ records to the database via the username field in forum messages...

5CVSS7.6AI score0.00264EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by