CVE-2026-34974
- EPSS 0.04%
- Published 02.04.2026 14:48:22
- Last modified 06.04.2026 16:09:58
phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the regex-based SVG sanitizer in phpMyFAQ (SvgSanitizer.php) can be bypassed using HTML entity encoding in javascript: URLs within SVG <a href> attributes. Any user with edit_faq...
CVE-2026-34973
- EPSS 0.11%
- Published 02.04.2026 14:47:22
- Last modified 06.04.2026 16:11:33
phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the searchCustomPages() method in phpmyfaq/src/phpMyFAQ/Search.php uses real_escape_string() (via escape()) to sanitize the search term before embedding it in LIKE clauses. Howev...
CVE-2026-34729
- EPSS 0.05%
- Published 02.04.2026 14:46:22
- Last modified 07.04.2026 14:52:49
phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, there is a stored XSS vulnerability via Regex Bypass in Filter::removeAttributes(). This issue has been patched in version 4.1.1.
CVE-2026-34728
- EPSS 0.08%
- Published 02.04.2026 14:44:19
- Last modified 07.04.2026 14:57:06
phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the MediaBrowserController::index() method handles file deletion for the media browser. When the fileRemove action is triggered, the user-supplied name parameter is concatenated ...
CVE-2026-32629
- EPSS 0.23%
- Published 02.04.2026 14:43:14
- Last modified 07.04.2026 16:10:02
phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, an unauthenticated attacker can submit a guest FAQ with an email address that is syntactically valid per RFC 5321 (quoted local part) yet contains raw HTML — for example "<script...
CVE-2026-27836
- EPSS 0.06%
- Published 27.02.2026 19:54:51
- Last modified 04.03.2026 16:08:53
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint (`/api/webauthn/prepare`) creates new active user accounts without any authentication, CSRF protection, captcha, or configuration checks. This allo...
CVE-2026-24422
- EPSS 0.02%
- Published 24.01.2026 02:02:30
- Last modified 28.01.2026 18:10:23
phpMyFAQ is an open source FAQ web application. In versions 4.0.16 and below, multiple public API endpoints improperly expose sensitive user information due to insufficient access controls. The OpenQuestionController::list() endpoint calls Question::...
CVE-2026-24420
- EPSS 0.02%
- Published 24.01.2026 01:57:28
- Last modified 28.01.2026 18:25:46
phpMyFAQ is an open source FAQ web application. Versions 4.0.16 and below allow an authenticated user without the dlattachment permission to download FAQ attachments due to an incomprehensive permissions check. The presence of a right key is improperl...
CVE-2026-24421
- EPSS 0.27%
- Published 24.01.2026 01:43:10
- Last modified 30.01.2026 17:29:58
phpMyFAQ is an open source FAQ web application. Versions 4.0.16 and below have flawed authorization logic which exposes the /api/setup/backup endpoint to any authenticated user despite their permissions. SetupController.php uses userIsAuthenticated()...
CVE-2025-69200
- EPSS 4.56%
- Published 29.12.2025 15:24:51
- Last modified 07.01.2026 15:35:10
phpMyFAQ is an open source FAQ web application. In versions prior to 4.0.16, an unauthenticated remote attacker can trigger generation of a configuration backup ZIP via `POST /api/setup/backup` and then download the generated ZIP from a web-accessibl...