Lucene search
Veracode Vulnerability DatabaseVERACODE:39347HistoryFeb 19, 2023 - 10:21 a.m.
Account Lockout
2023-02-1910:21:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
33
phpmyfaq
account lockout
input validation
security mechanism
remote attacker
account takeover
0.001 Low
EPSS
Percentile
36.7%
phpmyfaq is vulnerable to Account Lockout. A remote attacker is able to bypass the security mechanism due to improper input validation in the E-Mail field, which may lead to an account takeover or an account lockout without any possibility of recovery.
| CPE | Name | Operator | Version |
|---|---|---|---|
| phpmyfaq/phpmyfaq | le | 3.1.10 | |
| thorsten/phpmyfaq | le | 3.1.10 | |
| phpmyfaq/phpmyfaq | le | 3.1.10 | |
| thorsten/phpmyfaq | le | 3.1.10 |
Related
cvelist
cvelist
CVE-2023-0790 Uncaught Exception in thorsten/phpmyfaq
2023-02-12 00:00:00
nvd
nvd
CVE-2023-0790
2023-02-12 14:15:11
cve
cve
CVE-2023-0790
2023-02-12 14:15:11
osv
osv
CVE-2023-0790
2023-02-12 14:15:11
Uncaught Exception in thorsten/phpmyfaq
2023-02-12 15:30:25
prion
prion
Code injection
2023-02-12 14:15:00
cnvd
cnvd
phpMyFAQ has an unspecified vulnerability (CNVD-2023-09634)
2023-02-14 00:00:00
huntr
huntr
important E-Mail Input Field bypassed allowing Account Lockout and Takeover
2023-01-24 22:33:01
github
github
Uncaught Exception in thorsten/phpmyfaq
2023-02-12 15:30:25
openvas
openvas
phpMyFAQ < 3.1.11 Multiple Vulnerabilities
2023-02-13 00:00:00