Vulnerabilities > Phpmyfaq > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-08-28 CVE-2014-6045 SQL Injection vulnerability in PHPmyfaq
SQL injection vulnerability in phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via vectors involving the restore function.
network
low complexity
phpmyfaq CWE-89
6.5
6.5
2017-10-23 CVE-2017-15809 Cross-site Scripting vulnerability in PHPmyfaq
In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a crafted tag.
network
phpmyfaq CWE-79
4.3
4.3
2017-10-23 CVE-2017-15808 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
network
phpmyfaq CWE-352
6.8
6.8
2017-10-22 CVE-2017-15735 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.
network
phpmyfaq CWE-352
6.8
6.8
2017-10-22 CVE-2017-15734 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
network
phpmyfaq CWE-352
6.8
6.8
2017-10-22 CVE-2017-15733 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/ajax.attachment.php and admin/att.main.php.
network
phpmyfaq CWE-352
6.8
6.8
2017-10-22 CVE-2017-15732 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
network
phpmyfaq CWE-352
6.8
6.8
2017-10-22 CVE-2017-15731 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php.
network
phpmyfaq CWE-352
6.8
6.8
2017-10-22 CVE-2017-15730 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.
network
phpmyfaq CWE-352
6.8
6.8
2017-10-22 CVE-2017-15729 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.
network
phpmyfaq CWE-352
6.8
6.8