Security Advisories - thorsten/phpmyfaq

thorsten/phpmyfaq Security Advisories for 3.1.12 (25)

[MEDIUM] thorsten/phpmyfaq Unintended File Download Triggered by Embedded Frames

PKSA-nm7m-ddfs-x1rd CVE-2024-55889 GHSA-m3r7-8gw7-qwvc

Affected version: <3.2.10

Reported by:
GitHub
[HIGH] phpMyFAQ Generates an Error Message Containing Sensitive Information if database server is not available

PKSA-zk9c-crx1-g563 CVE-2024-54141 GHSA-vrjr-p3xp-xx2x

Affected version: <4.0.0

Reported by:
GitHub
[MEDIUM] phpMyFAQ Cross-site Scripting vulnerability

PKSA-dp4r-92p1-jm3r CVE-2023-6890 GHSA-4h37-q5j3-hw96

Affected version: <3.1.17

Reported by:
GitHub
[MEDIUM] phpMyFAQ Cross-site Scripting vulnerability

PKSA-z2gn-4mp6-7kgx CVE-2023-6889 GHSA-w8xj-992g-842f

Affected version: <3.1.17

Reported by:
GitHub
[MEDIUM] Cross-site Scripting (XSS) in thorsten/phpmyfaq

PKSA-3zxr-6q1g-y9pc CVE-2023-5867 GHSA-prrv-r843-4p75

Affected version: <3.2.2

Reported by:
GitHub
[MEDIUM] Sensitive cookie in HTTPS session without 'Secure' attribute in thorsten/phpmyfaq

PKSA-234x-mfj9-vyxm CVE-2023-5866 GHSA-34w4-wrqp-j47g

Affected version: <3.2.1

Reported by:
GitHub
[HIGH] Insufficient Session Expiration in thorsten/phpmyfaq

PKSA-mhmh-zvw7-ctt3 CVE-2023-5865 GHSA-f728-prhw-2g68

Affected version: <3.2.2

Reported by:
GitHub
[HIGH] phpMyFAQ Cross-site Scripting vulnerability

PKSA-fwqb-wfgt-vhnq CVE-2023-5864 GHSA-g5hp-328h-jj98

Affected version: <3.2.1

Reported by:
GitHub
[HIGH] phpMyFAQ Cross-site Scripting vulnerability

PKSA-fy6w-gxhz-b2mb CVE-2023-5863 GHSA-j4vj-w5rj-8grw

Affected version: <3.2.2

Reported by:
GitHub
[HIGH] phpMyFAQ Cross-site Scripting vulnerability

PKSA-473w-z13b-432n CVE-2023-5319 GHSA-j5ww-5xf4-hqm2

Affected version: <3.1.18

Reported by:
GitHub
[MEDIUM] phpMyFAQ allows unrestricted file types in image field

PKSA-mb8f-3r9h-zv2d CVE-2023-5227 GHSA-qcjg-hvg6-hxcp

Affected version: <3.1.18

Reported by:
GitHub
[CRITICAL] phpMyFAQ Cross-site Scripting vulnerability

PKSA-j9jt-7g13-t74m CVE-2023-5316 GHSA-58v7-58c2-qwm9

Affected version: <3.1.18

Reported by:
GitHub
[MEDIUM] phpMyFaq Cross-site Scripting vulnerability

PKSA-c9gj-nswj-c8v6 CVE-2023-5317 GHSA-5jwv-m8h3-69cg

Affected version: <3.1.18

Reported by:
GitHub
[CRITICAL] phpMyFAQ Cross-site Scripting vulnerability

PKSA-hr4h-nw1k-8zbd CVE-2023-5320 GHSA-pp4w-g5p4-85p2

Affected version: <3.1.18

Reported by:
GitHub
[HIGH] phpMyFAQ Stored Cross-site Scripting vulnerability

PKSA-x3y4-4qqb-1d8c CVE-2023-4007 GHSA-q9vm-29ph-p7mp

Affected version: <3.1.16

Reported by:
GitHub
[HIGH] phpMyFAQ Improper Neutralization of Formula Elements in a CSV File vulnerability

PKSA-w38f-g1pw-fptg CVE-2023-4006 GHSA-2xvx-368h-qcmv

Affected version: <3.1.16

Reported by:
GitHub
[MEDIUM] phpMyFAQ Cross-site Scripting

PKSA-5mf7-1xx2-r8qf CVE-2023-3469 GHSA-v6g2-jwrm-h5r5

Affected version: <3.2.0-beta.2

Reported by:
GitHub
[MEDIUM] thorsten/phpmyfaq vulnerable to cross-site scripting

PKSA-449b-pm19-yj3b CVE-2023-2999 GHSA-94r7-63g8-c4jw

Affected version: <3.1.14

Reported by:
GitHub
[MEDIUM] thorsten/phpmyfaq vulnerable to cross-site scripting

PKSA-7skg-fzbb-43pk CVE-2023-2998 GHSA-974q-4vvr-vg9c

Affected version: <3.1.14

Reported by:
GitHub
[MEDIUM] phpMyFAQ vulnerable to stored Cross-site Scripting

PKSA-nbfj-yt53-w4ff CVE-2023-2753 GHSA-vppq-6ff8-2m8w

Affected version: <3.2.0-beta

Reported by:
GitHub
[MEDIUM] phpMyFAQ vulnerable to stored Cross-site Scripting

PKSA-5wnq-2nqs-gct1 CVE-2023-2752 GHSA-j657-pjgc-c4h6

Affected version: <3.2.0-beta

Reported by:
GitHub
[HIGH] Cross Site Scripting in thorsten/phpmyfaq

PKSA-q9pv-n8rg-hsyq CVE-2023-2550 GHSA-5mf7-p346-7rm8

Affected version: <3.1.13

Reported by:
GitHub
[MEDIUM] Cross Site Scripting in thorsten/phpmyfaq

PKSA-8ptm-w337-39j1 CVE-2023-2427 GHSA-5xq3-7mw9-wj5p

Affected version: <3.1.13

Reported by:
GitHub
[MEDIUM] phpMyFAQ Improper Access Control vulnerability

PKSA-mtm1-ss8g-wgvd CVE-2023-2429 GHSA-r69v-q48g-3966

Affected version: <3.1.13

Reported by:
GitHub
[MEDIUM] phpMyFAQ vulnerable to Stored Cross-site Scripting

PKSA-d9fp-49zx-fym9 CVE-2023-2428 GHSA-8595-6653-96p2

Affected version: <3.1.13

Reported by:
GitHub

thorsten/phpmyfaq Security Advisories for 3.1.12 (25)

[MEDIUM] thorsten/phpmyfaq Unintended File Download Triggered by Embedded Frames

[HIGH] phpMyFAQ Generates an Error Message Containing Sensitive Information if database server is not available

[MEDIUM] phpMyFAQ Cross-site Scripting vulnerability

[MEDIUM] phpMyFAQ Cross-site Scripting vulnerability

[MEDIUM] Cross-site Scripting (XSS) in thorsten/phpmyfaq

[MEDIUM] Sensitive cookie in HTTPS session without 'Secure' attribute in thorsten/phpmyfaq

[HIGH] Insufficient Session Expiration in thorsten/phpmyfaq

[HIGH] phpMyFAQ Cross-site Scripting vulnerability

[HIGH] phpMyFAQ Cross-site Scripting vulnerability

[HIGH] phpMyFAQ Cross-site Scripting vulnerability

[MEDIUM] phpMyFAQ allows unrestricted file types in image field

[CRITICAL] phpMyFAQ Cross-site Scripting vulnerability

[MEDIUM] phpMyFaq Cross-site Scripting vulnerability

[CRITICAL] phpMyFAQ Cross-site Scripting vulnerability

[HIGH] phpMyFAQ Stored Cross-site Scripting vulnerability

[HIGH] phpMyFAQ Improper Neutralization of Formula Elements in a CSV File vulnerability

[MEDIUM] phpMyFAQ Cross-site Scripting

[MEDIUM] thorsten/phpmyfaq vulnerable to cross-site scripting

[MEDIUM] thorsten/phpmyfaq vulnerable to cross-site scripting

[MEDIUM] phpMyFAQ vulnerable to stored Cross-site Scripting

[MEDIUM] phpMyFAQ vulnerable to stored Cross-site Scripting

[HIGH] Cross Site Scripting in thorsten/phpmyfaq

[MEDIUM] Cross Site Scripting in thorsten/phpmyfaq

[MEDIUM] phpMyFAQ Improper Access Control vulnerability

[MEDIUM] phpMyFAQ vulnerable to Stored Cross-site Scripting