116 results (0.019 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. Unsafe echo of filename in phpMyFAQ\phpmyfaq\admin\attachments.php leads to allowed execution of JavaScript code in client side (XSS). This vulnerability has been patched in version 3.2.5. phpMyFAQ es una aplicación web de preguntas frecuentes de código abierto para PHP 8.1+ y MySQL, PostgreSQL y otras bases de datos. El eco inseguro del nombre de archivo en phpMyFAQ\phpmyfaq\admin\attachments.php conduce a la ejecución permitida de código JavaScript en el lado del cliente (XSS). Esta vulnerabilidad ha sido parcheada en la versión 3.2.5. • https://github.com/thorsten/phpMyFAQ/commit/5479b4a4603cce71aa7eb4437f1c201153a1f1f5 https://github.com/thorsten/phpMyFAQ/pull/2827 https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-7m8g-fprr-47fx • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

phpMyFAQ is an Open Source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The 'sharing FAQ' functionality allows any unauthenticated actor to misuse the phpMyFAQ application to send arbitrary emails to a large range of targets. The phpMyFAQ application has a functionality where anyone can share a FAQ item to others. The front-end of this functionality allows any phpMyFAQ articles to be shared with 5 email addresses. Any unauthenticated actor can perform this action. • https://github.com/thorsten/phpMyFAQ/commit/a34d94ab7b1be9256a9ef898f18ea6bfb63f6f1e https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-9hhf-xmcw-r3xg • CWE-863: Incorrect Authorization •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. phpMyFAQ's user removal page allows an attacker to spoof another user's detail, and in turn make a compelling phishing case for removing another user's account. The front-end of this page doesn't allow changing the form details, an attacker can utilize a proxy to intercept this request and submit other data. Upon submitting this form, an email is sent to the administrator informing them that this user wants to delete their account. An administrator has no way of telling the difference between the actual user wishing to delete their account or the attacker issuing this for an account they do not control. This issue has been patched in version 3.2.5. phpMyFAQ es una aplicación web de preguntas frecuentes de código abierto para PHP 8.1+ y MySQL, PostgreSQL y otras bases de datos. • https://github.com/thorsten/phpMyFAQ/commit/1348dcecdaec5a5714ad567c16429432417b534d https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-6648-6g96-mg35 • CWE-284: Improper Access Control •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.17. Cross-site Scripting (XSS): almacenadas en el repositorio de GitHub thorsten/phpmyfaq antes de la versión 3.1.17. • https://github.com/thorsten/phpmyfaq/commit/97d90ebbe11ebc6081bf49a2ba4b60f227cd1b43 https://huntr.com/bounties/2cf11678-8793-4fa1-b21a-f135564a105d • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.17. Cross-site Scripting (XSS): almacenadas en el repositorio de GitHub thorsten/phpmyfaq antes de la versión 3.1.17. • https://github.com/thorsten/phpmyfaq/commit/1037a8f012e0d9ec4bf4c8107972f6695e381392 https://huntr.com/bounties/52897778-fad7-4169-bf04-a68a0646df0c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •