CVEDB API

Vulnerabilities

Vulnerable Software

Phpmyfaq: >> Phpmyfaq >> 2.6.18 Security Vulnerabilities

CVE-2017-7579

inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field.

CVSS Score

6.1

EPSS Score

0.003

Published

2017-04-07

CVE-2014-0813

Cross-site request forgery (CSRF) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to hijack the authentication of arbitrary users for requests that modify settings.

CVSS Score

6.8

EPSS Score

0.004

Published

2014-02-14

CVE-2014-0814

Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

4.3

EPSS Score

0.005

Published

2014-02-14

CVE-2011-4825

Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.

CVSS Score

7.5

EPSS Score

0.83

Published

2011-12-15

Page 11

Vulnerabilities

Vulnerable Software

Phpmyfaq: >> Phpmyfaq >> 2.6.18 Security Vulnerabilities

Products

Pricing

Contact Us