Vulnerabilities > Phpmyfaq > Phpmyfaq > 2.9.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-22 | CVE-2017-15728 | Cross-site Scripting vulnerability in PHPmyfaq In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via metaDescription or metaKeywords. | 3.5 |
| 2017-10-22 | CVE-2017-15727 | Cross-site Scripting vulnerability in PHPmyfaq In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment. | 3.5 |
| 2017-09-20 | CVE-2017-14619 | Cross-site Scripting vulnerability in PHPmyfaq Cross-site scripting (XSS) vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module. | 4.3 |
| 2017-09-20 | CVE-2017-14618 | Cross-site Scripting vulnerability in PHPmyfaq Cross-site scripting (XSS) vulnerability in inc/PMF/Faq.php in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the Questions field in an "Add New FAQ" action. | 3.5 |
| 2017-07-12 | CVE-2017-11187 | Improper Restriction of Excessive Authentication Attempts vulnerability in PHPmyfaq phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks that try many passwords in attempted logins quickly. | 5.0 |
| 2017-04-07 | CVE-2017-7579 | Cross-site Scripting vulnerability in PHPmyfaq inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field. | 4.3 |