CVE-2022-3766
- EPSS 34.65%
- Published 31.10.2022 11:15:10
- Last modified 21.11.2024 07:20:12
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVE-2022-3754
- EPSS 3.17%
- Published 29.10.2022 13:15:09
- Last modified 21.11.2024 07:20:10
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVE-2022-3608
- EPSS 0.15%
- Published 19.10.2022 13:15:08
- Last modified 21.11.2024 07:19:52
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-alpha.
CVE-2018-16650
- EPSS 0.16%
- Published 07.09.2018 05:29:00
- Last modified 21.11.2024 03:53:08
phpMyFAQ before 2.9.11 allows CSRF.
- EPSS 0.86%
- Published 07.09.2018 05:29:00
- Last modified 21.11.2024 03:53:08
The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in reports.
CVE-2014-6047
- EPSS 4.67%
- Published 28.08.2018 17:29:01
- Last modified 21.11.2024 02:13:41
phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to read arbitrary attachments by leveraging incorrect "download an attachment" permission checks.
CVE-2014-6048
- EPSS 6.05%
- Published 28.08.2018 17:29:01
- Last modified 21.11.2024 02:13:41
phpMyFAQ before 2.8.13 allows remote attackers to read arbitrary attachments via a direct request.
CVE-2014-6049
- EPSS 1.24%
- Published 28.08.2018 17:29:01
- Last modified 21.11.2024 02:13:41
phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass authorization via a crafted instance ID parameter.
CVE-2014-6050
- EPSS 4.91%
- Published 28.08.2018 17:29:01
- Last modified 21.11.2024 02:13:41
phpMyFAQ before 2.8.13 allows remote attackers to bypass the CAPTCHA protection mechanism by replaying the request.
CVE-2014-6045
- EPSS 0.39%
- Published 28.08.2018 17:29:00
- Last modified 21.11.2024 02:13:40
SQL injection vulnerability in phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via vectors involving the restore function.