Lucene search
Veracode Vulnerability DatabaseVERACODE:39345HistoryFeb 19, 2023 - 9:14 a.m.
Stored HTML Injection
2023-02-1909:14:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
phpmyfaq
stored html injection
question form
web page
code execution
0.002 Low
EPSS
Percentile
54.3%
phpmyfaq is vulnerable to Stored HTML Injection. The vulnerability exists due to improper handling of inputs through the Question Form, which allows an attacker to inject and execute malicious HTML content in the web page when an admin approves the question, possibly leading to code execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| thorsten/phpmyfaq | le | 3.1.10 | |
| phpmyfaq/phpmyfaq | le | 3.1.10 | |
| thorsten/phpmyfaq | le | 3.1.10 | |
| phpmyfaq/phpmyfaq | le | 3.1.10 |
Related
osv
osv
CVE-2023-0788
2023-02-12 14:15:11
Code Injection in thorsten/phpmyfaq
2023-02-12 15:30:25
github
github
Code Injection in thorsten/phpmyfaq
2023-02-12 15:30:25
prion
prion
Code injection
2023-02-12 14:15:00
cve
cve
CVE-2023-0788
2023-02-12 14:15:11
cnvd
cnvd
phpMyFAQ Code Injection Vulnerability (CNVD-2023-09631)
2023-02-14 00:00:00
cvelist
cvelist
CVE-2023-0788 Code Injection in thorsten/phpmyfaq
2023-02-12 00:00:00
nvd
nvd
CVE-2023-0788
2023-02-12 14:15:11
huntr
huntr
stored HTML-Injection throuth the Question Form
2023-01-23 23:32:01
openvas
openvas
phpMyFAQ < 3.1.11 Multiple Vulnerabilities
2023-02-13 00:00:00