Lucene search
Veracode Vulnerability DatabaseVERACODE:40070HistoryApr 07, 2023 - 7:17 a.m.
Improper Input Validation
2023-04-0707:17:14
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
improper input validation
frontend outputs
privileged operations
sensitive data
xss
log messages
0.001 Low
EPSS
Percentile
21.6%
phpmyfaq is vulnerable to Improper Input Validation. The library does not properly neutralize user-controllable inputs before it is placed as frontend outputs on a web page served to other users which allows an attacker to perform privileged operations on behalf of the user or gain access to sensitive data or cause XSS through log messages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| thorsten/phpmyfaq | le | 3.1.11 | |
| phpmyfaq/phpmyfaq | le | 3.1.11 | |
| thorsten/phpmyfaq | le | 3.1.11 | |
| phpmyfaq/phpmyfaq | le | 3.1.11 |
Related
cvelist
cvelist
cve
cve
CVE-2023-1754
2023-03-31 01:15:09
osv
osv
phpMyFAQ vulnerable to improper input validation
2023-03-31 03:30:31
CVE-2023-1754
2023-03-31 01:15:09
nvd
nvd
CVE-2023-1754
2023-03-31 01:15:09
github
github
phpMyFAQ vulnerable to improper input validation
2023-03-31 03:30:31
huntr
huntr
XSS @ group
2023-03-08 21:15:14
prion
prion
Input validation
2023-03-31 01:15:00
openvas
openvas
phpMyFAQ < 3.1.12 Multiple Vulnerabilities
2023-04-04 00:00:00