Vulnerabilities > Phpmyfaq > Phpmyfaq > 1.4.alpha1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-11-20 | CVE-2009-4040 | Cross-Site Scripting vulnerability in PHPmyfaq Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.0.17 and 2.5.x before 2.5.2, when used with Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the search page. | 4.3 |
2005-03-07 | CVE-2005-0702 | SQL-Injection vulnerability in phpMyFAQ SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote attackers to add FAQ records to the database via the username field in forum messages. | 5.0 |
2004-12-31 | CVE-2004-2256 | Directory Traversal vulnerability in phpMyFAQ Lang Parameter Directory traversal vulnerability in phpMyFAQ 1.4.0 alpha allows remote attackers to read arbitrary files, and possibly execute local PHP files, via .. | 5.0 |