Vulnerabilities > Phpmyfaq

DATE CVE VULNERABILITY TITLE RISK
2017-10-22 CVE-2017-15734 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
network
phpmyfaq CWE-352
6.8
2017-10-22 CVE-2017-15733 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/ajax.attachment.php and admin/att.main.php.
network
phpmyfaq CWE-352
6.8
2017-10-22 CVE-2017-15732 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
network
phpmyfaq CWE-352
6.8
2017-10-22 CVE-2017-15731 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php.
network
phpmyfaq CWE-352
6.8
2017-10-22 CVE-2017-15730 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.
network
phpmyfaq CWE-352
6.8
2017-10-22 CVE-2017-15729 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.
network
phpmyfaq CWE-352
6.8
2017-10-22 CVE-2017-15728 Cross-site Scripting vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via metaDescription or metaKeywords.
network
phpmyfaq CWE-79
3.5
2017-10-22 CVE-2017-15727 Cross-site Scripting vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment.
network
phpmyfaq CWE-79
3.5
2017-09-20 CVE-2017-14619 Cross-site Scripting vulnerability in PHPmyfaq
Cross-site scripting (XSS) vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module.
network
phpmyfaq CWE-79
4.3
2017-09-20 CVE-2017-14618 Cross-site Scripting vulnerability in PHPmyfaq
Cross-site scripting (XSS) vulnerability in inc/PMF/Faq.php in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the Questions field in an "Add New FAQ" action.
network
phpmyfaq CWE-79
3.5