Filtered by vendor Thorsten
Subscriptions
Filtered by product Phpmyfaq
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-28108 | 1 Thorsten | 1 Phpmyfaq | 2024-11-21 | 4.7 Medium |
phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. Due to insufficient validation on the `contentLink` parameter, it is possible for unauthenticated users to inject HTML code to the page which might affect other users. _Also, requires that adding new FAQs is allowed for guests and that the admin doesn't check the content of a newly added FAQ._ This vulnerability is fixed in 3.2.6. | ||||
CVE-2023-5320 | 2 Phpmyfaq, Thorsten | 2 Phpmyfaq, Phpmyfaq | 2024-11-21 | 6.1 Medium |
Cross-site Scripting (XSS) - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.18. |
Page 1 of 1.