Lucene search
Veracode Vulnerability DatabaseVERACODE:39346HistoryFeb 19, 2023 - 9:38 a.m.
Stored HTML Injection
2023-02-1909:38:18
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
stored html injection
phpmyfaq
vulnerability
faq-proposal form
admin
code execution
0.001 Low
EPSS
Percentile
45.1%
phpmyfaq is vulnerable to Stored HTML Injection. The vulnerability exists due to improper handling of inputs through the FAQ-Proposal Form, which allows an attacker to inject and execute malicious HTML content in the web page when an admin views the proposal, possibly leading to code execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| thorsten/phpmyfaq | le | 3.1.10 | |
| phpmyfaq/phpmyfaq | le | 3.1.10 | |
| thorsten/phpmyfaq | le | 3.1.10 | |
| phpmyfaq/phpmyfaq | le | 3.1.10 |
Related
huntr
huntr
stored HTML-Injection in the FAQ-Proposal
2023-01-24 00:01:07
osv
osv
CVE-2023-0789
2023-02-12 14:15:11
Command Injection in thorsten/phpmyfaq
2023-02-12 15:30:25
nvd
nvd
CVE-2023-0789
2023-02-12 14:15:11
cnvd
cnvd
phpMyFAQ command injection vulnerability
2023-02-14 00:00:00
prion
prion
Command injection
2023-02-12 14:15:00
github
github
Command Injection in thorsten/phpmyfaq
2023-02-12 15:30:25
cve
cve
CVE-2023-0789
2023-02-12 14:15:11
cvelist
cvelist
CVE-2023-0789 Command Injection in thorsten/phpmyfaq
2023-02-12 00:00:00
openvas
openvas
phpMyFAQ < 3.1.11 Multiple Vulnerabilities
2023-02-13 00:00:00