Security Advisories - thorsten/phpmyfaq

thorsten/phpmyfaq Security Advisories for 2.8.21 (58)

phpMyFAQ Stored Cross-site Scripting vulnerability

CVE-2023-4007

Affected version: <3.1.16

Reported by:
GitHub
phpMyFAQ Improper Neutralization of Formula Elements in a CSV File vulnerability

CVE-2023-4006

Affected version: <3.1.16

Reported by:
GitHub
phpMyFAQ Cross-site Scripting

CVE-2023-3469

Affected version: <3.2.0-beta.2

Reported by:
GitHub
thorsten/phpmyfaq vulnerable to cross-site scripting

CVE-2023-2999

Affected version: <3.1.14

Reported by:
GitHub
thorsten/phpmyfaq vulnerable to cross-site scripting

CVE-2023-2998

Affected version: <3.1.14

Reported by:
GitHub
phpMyFAQ vulnerable to stored Cross-site Scripting

CVE-2023-2753

Affected version: <3.2.0-beta

Reported by:
GitHub
phpMyFAQ vulnerable to stored Cross-site Scripting

CVE-2023-2752

Affected version: <3.2.0-beta

Reported by:
GitHub
Cross Site Scripting in thorsten/phpmyfaq

CVE-2023-2427

Affected version: <3.1.13

Reported by:
GitHub
Cross Site Scripting in thorsten/phpmyfaq

CVE-2023-2550

Affected version: <3.1.13

Reported by:
GitHub
phpMyFAQ Improper Access Control vulnerability

CVE-2023-2429

Affected version: <3.1.13

Reported by:
GitHub
phpMyFAQ vulnerable to Stored Cross-site Scripting

CVE-2023-2428

Affected version: <3.1.13

Reported by:
GitHub
Cross-site Scripting in thorsten/phpmyfaq

CVE-2023-1875

Affected version: <3.1.12

Reported by:
GitHub
thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) in FAQ comment username parameter

CVE-2023-1758

Affected version: <3.1.12

Reported by:
GitHub
thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via HTML export

CVE-2023-1756

Affected version: <3.1.12

Reported by:
GitHub
thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via FAQ News link parameter

CVE-2023-1757

Affected version: <3.1.12

Reported by:
GitHub
thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via adminlog

CVE-2023-1878

Affected version: <3.1.12

Reported by:
GitHub
thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via updatecategory parameter

CVE-2023-1879

Affected version: <3.1.12

Reported by:
GitHub
thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via artlang parameter

CVE-2023-1880

Affected version: <3.1.12

Reported by:
GitHub
thorsten/phpmyfaq vulnerable to DOM cross-site scripting (XSS) via configuration privacy note URL parameter

CVE-2023-1882

Affected version: <3.1.12

Reported by:
GitHub
thorsten/phpmyfaq vulnerable to cross-site scripting (XSS) via stopword parameter

CVE-2023-1884

Affected version: <3.1.12

Reported by:
GitHub
thorsten/phpmyfaq vulnerable to improper access control

CVE-2023-1883

Affected version: <3.1.12

Reported by:
GitHub
thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via category field name parameter

CVE-2023-1885

Affected version: <3.1.12

Reported by:
GitHub
thorsten/phpmyfaq vulnerable to authentication bypass

CVE-2023-1886

Affected version: <3.1.12

Reported by:
GitHub
thorsten/phpmyfaq vulnerable to business logic errors

CVE-2023-1887

Affected version: <3.1.12

Reported by:
GitHub
phpMyFAQ Stored Cross-site Scripting vulnerability

CVE-2023-1760

Affected version: <3.1.12

Reported by:
GitHub
phpMyFAQ Stored Cross-site Scripting vulnerability

CVE-2023-1759

Affected version: <3.1.12

Reported by:
GitHub
phpMyFAQ Cross-site Scripting vulnerability

CVE-2023-1755

Affected version: <3.1.12

Reported by:
GitHub
phpMyFAQ has weak password requirements

CVE-2023-1753

Affected version: <3.1.12

Reported by:
GitHub
phpMyFAQ vulnerable to improper input validation

CVE-2023-1754

Affected version: <3.1.12

Reported by:
GitHub
thorsten/phpmyfaq vulnerable privilege escalation from improper privilege management

CVE-2023-1762

Affected version: <3.1.12

Reported by:
GitHub
phpMyFAQ Code Injection vulnerability

CVE-2023-1761

Affected version: <3.1.12

Reported by:
GitHub
Misinterpretation of Input in thorsten/phpmyfaq

CVE-2023-0880

Affected version: <3.1.11

Reported by:
GitHub
Cross-site Scripting in thorsten/phpmyfaq

CVE-2023-0786

Affected version: <3.1.11

Reported by:
GitHub
Code Injection in thorsten/phpmyfaq

CVE-2023-0788

Affected version: <3.1.11

Reported by:
GitHub
Code Injection in thorsten/phpmyfaq

CVE-2023-0792

Affected version: <3.1.11

Reported by:
GitHub
Uncaught Exception in thorsten/phpmyfaq

CVE-2023-0790

Affected version: <3.1.11

Reported by:
GitHub
Cross-site Scripting in thorsten/phpmyfaq

CVE-2023-0787

Affected version: <3.1.11

Reported by:
GitHub
Command Injection in thorsten/phpmyfaq

CVE-2023-0789

Affected version: <3.1.11

Reported by:
GitHub
Cross-site Scripting in thorsten/phpmyfaq

CVE-2023-0791

Affected version: <3.1.11

Reported by:
GitHub
Cross-site Scripting in thorsten/phpmyfaq

CVE-2023-0794

Affected version: <3.1.11

Reported by:
GitHub
Weak Password Requirements in thorsten/phpmyfaq

CVE-2023-0793

Affected version: <3.1.11

Reported by:
GitHub
phpMyFAQ Stored Cross-site Scripting vulnerability

CVE-2023-0306

Affected version: <3.1.10

Reported by:
GitHub
phpMyFAQ has Weak Password Requirements

CVE-2023-0307

Affected version: <3.1.10

Reported by:
GitHub
phpMyFAQ Stored Cross-site Scripting vulnerability

CVE-2023-0308

Affected version: <3.1.10

Reported by:
GitHub
phpMyFAQ Reflected Cross-site Scripting vulnerability

CVE-2023-0314

Affected version: <3.1.10

Reported by:
GitHub
phpMyFAQ Stored Cross-site Scripting vulnerability

CVE-2023-0313

Affected version: <3.1.10

Reported by:
GitHub
phpMyFAQ Improper Authentication vulnerability

CVE-2023-0311

Affected version: <3.1.10

Reported by:
GitHub
phpMyFAQ Stored Cross-site Scripting vulnerability

CVE-2023-0310

Affected version: <3.1.10

Reported by:
GitHub
phpMyFAQ Stored Cross-site Scripting vulnerability

CVE-2023-0309

Affected version: <3.1.10

Reported by:
GitHub
thorsten/phpmyfaq is vulnerable to cross-site scripting (XSS)

CVE-2023-0312

Affected version: <3.1.10

Reported by:
GitHub
phpMyFAQ vulnerable to Cross-site Scripting

CVE-2022-4408

Affected version: <3.1.9

Reported by:
GitHub
phpMyFAQ vulnerable to Cross-site Scripting

CVE-2022-4407

Affected version: <3.1.9

Reported by:
GitHub
phpMyFAQ has insecure HTTP cookies

CVE-2022-4409

Affected version: <3.1.9

Reported by:
GitHub
phpMyFAQ vulnerable to stored Cross-site Scripting

CVE-2022-3765

Affected version: <3.1.8

Reported by:
GitHub
phpMyFAQ vulnerable to reflected Cross-site Scripting

CVE-2022-3766

Affected version: <3.1.8

Reported by:
GitHub
phpMyFAQ contains Weak Password Requirements

CVE-2022-3754

Affected version: <3.1.8

Reported by:
GitHub
phpMyFAQ vulnerable to Cross-site Scripting

CVE-2022-3608

Affected version: <=3.1.7

Reported by:
GitHub
phpMyFAQ CSRF

CVE-2018-16650

Affected version: <2.9.11

Reported by:
GitHub