Phpmyfaq@1.3.1 Security Vulnerabilities and Issues — Phpmyfaq@1.3.1 CVE List

Lucene search

PhpmyfaqPhpmyfaq1.3.1

6 matches found

CVE•added 2010/04/21 2:30 p.m.•58 views

CVE-2009-4780

Multiple cross-site scripting (XSS) vulnerabilities in index.php in phpMyFAQ before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter in a sitemap action, (2) the search parameter in a search action, (3) the tagging_id parameter in a search action, (4) t...

4.3CVSS5.7AI score0.00138EPSS

CVE•added 2007/02/21 11:28 a.m.•54 views

CVE-2007-1032

Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register_globals is enabled, allows remote attackers to "gain the privilege for uploading files on the server."

6.8CVSS6.7AI score0.00548EPSS

CVE•added 2009/11/20 7:30 p.m.•47 views

CVE-2009-4040

Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.0.17 and 2.5.x before 2.5.2, when used with Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the search page.

4.3CVSS5.7AI score0.00322EPSS

CVE•added 2012/10/22 11:55 p.m.•40 views

CVE-2010-4821

Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.6.9 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.

4.3CVSS5.9AI score0.02214EPSS

Web

CVE•added 2014/02/14 4:55 p.m.•39 views

CVE-2014-0813

Cross-site request forgery (CSRF) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to hijack the authentication of arbitrary users for requests that modify settings.

6.8CVSS7.3AI score0.00386EPSS

CVE•added 2014/02/14 4:55 p.m.•39 views

CVE-2014-0814

Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.7AI score0.00532EPSS