Vulnerabilities > Phpmyfaq > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-25 | CVE-2024-27299 | SQL Injection vulnerability in PHPmyfaq 3.2.5 phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. | 8.8 |
| 2024-03-25 | CVE-2024-28105 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPmyfaq 3.2.5 phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. | 7.2 |
| 2024-03-25 | CVE-2024-28107 | SQL Injection vulnerability in PHPmyfaq 3.2.5 phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. | 8.8 |
| 2023-03-31 | CVE-2023-1762 | Unspecified vulnerability in PHPmyfaq Improper Privilege Management in GitHub repository thorsten/phpmyfaq prior to 3.1.12. | 8.8 |
| 2023-02-12 | CVE-2023-0790 | Unspecified vulnerability in PHPmyfaq Uncaught Exception in GitHub repository thorsten/phpmyfaq prior to 3.1.11. | 8.8 |
| 2023-02-12 | CVE-2023-0793 | Weak Password Requirements vulnerability in PHPmyfaq Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11. | 8.8 |
| 2022-12-11 | CVE-2022-4409 | Missing Encryption of Sensitive Data vulnerability in PHPmyfaq Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.1.9. | 7.5 |
| 2022-10-19 | CVE-2022-3608 | Cross-site Scripting vulnerability in PHPmyfaq Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-alpha. | 8.4 |
| 2018-09-07 | CVE-2018-16651 | Improper Neutralization of Formula Elements in a CSV File vulnerability in PHPmyfaq The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in reports. | 7.2 |
| 2018-09-07 | CVE-2018-16650 | Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq phpMyFAQ before 2.9.11 allows CSRF. | 8.8 |