Filtered by vendor Thorsten Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-28108 1 Thorsten 1 Phpmyfaq 2024-11-21 4.7 Medium
phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. Due to insufficient validation on the `contentLink` parameter, it is possible for unauthenticated users to inject HTML code to the page which might affect other users. _Also, requires that adding new FAQs is allowed for guests and that the admin doesn't check the content of a newly added FAQ._ This vulnerability is fixed in 3.2.6.
CVE-2023-5320 2 Phpmyfaq, Thorsten 2 Phpmyfaq, Phpmyfaq 2024-11-21 6.1 Medium
Cross-site Scripting (XSS) - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.18.