8.3

CVE-2023-0880

Exploit

Misinterpretation of Input in thorsten/phpmyfaq

Misinterpretation of Input in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpmyfaqPhpmyfaq Version < 3.1.11
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.61% 0.445
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
security@huntr.dev 8.3 2.8 5.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
CWE-115 Misinterpretation of Input

The product misinterprets an input, whether from an attacker or another product, in a security-relevant fashion.

https://github.com/thorsten/phpmyfaq/commit/a67dca41576834a1ddfee61b9e799b686b75d4fa
Patch
https://huntr.dev/bounties/14fc4841-0f5d-4e12-bf9e-1b60d2ac6a6c
Patch
Third Party Advisory
Exploit