CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56199 – phpMyFAQ Vulnerable to Stored HTML Injection at FAQ
https://notcve.org/view.php?id=CVE-2024-56199
02 Jan 2025 — phpMyFAQ is an open source FAQ web application. Starting no later than version 3.2.10 and prior to version 4.0.2, an attacker can inject malicious HTML content into the FAQ editor at `http[:]//localhost/admin/index[.]php?action=editentry`, resulting in a complete disruption of the FAQ page's user interface. By injecting malformed HTML elements styled to cover the entire screen, an attacker can render the page unusable. This injection manipulates the page structure by introducing overlapping buttons, images,... • https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-ww33-jppq-qfrp • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-55889 – phpMyFAQ Vulnerable to Unintended File Download Triggered by Embedded Frames
https://notcve.org/view.php?id=CVE-2024-55889
13 Dec 2024 — phpMyFAQ is an open source FAQ web application. Prior to version 3.2.10, a vulnerability exists in the FAQ Record component where a privileged attacker can trigger a file download on a victim's machine upon page visit by embedding it in an <iframe> element without user interaction or explicit consent. Version 3.2.10 fixes the issue. • https://github.com/thorsten/phpMyFAQ/commit/fa0f7368dc3288eedb1915def64ef8fb270f711d • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54141 – phpMyFAQ Generates an Error Message Containing Sensitive Information if database server is not available
https://notcve.org/view.php?id=CVE-2024-54141
06 Dec 2024 — phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. Prior to 4.0.0, phpMyFAQ exposes the database (ie postgreSQL) server's credential when connection to DB fails. This vulnerability is fixed in 4.0.0. • https://github.com/thorsten/phpMyFAQ/commit/b9289a0b2233df864361c131cd177b6715fbb0fe • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29196 – phpMyFAQ Path Traversal in Attachments
https://notcve.org/view.php?id=CVE-2024-29196
26 Mar 2024 — phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. There is a Path Traversal vulnerability in Attachments that allows attackers with admin rights to upload malicious files to other locations of the web root. This vulnerability is fixed in 3.2.6. phpMyFAQ es una aplicación web de preguntas frecuentes de código abierto para PHP 8.1+ y MySQL, PostgreSQL y otras bases de datos. Existe una vulnerabilidad de Path Traversal en los archivos adjuntos que permite a ... • https://github.com/thorsten/phpMyFAQ/commit/7ae2559f079cd5fc9948b6fdfb87581f93840f62 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29179 – phpMyFAQ Stored Cross-site Scripting at File Attachments
https://notcve.org/view.php?id=CVE-2024-29179
25 Mar 2024 — phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. An attacker with admin privileges can upload an attachment containing JS code without extension and the application will render it as HTML which allows for XSS attacks. phpMyFAQ es una aplicación web de preguntas frecuentes de código abierto para PHP 8.1+ y MySQL, PostgreSQL y otras bases de datos. Un atacante con privilegios de administrador puede cargar un archivo adjunto que contenga código JS sin exten... • https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-hm8r-95g3-5hj9 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28108 – phpMyFAQ Stored HTML Injection at contentLink
https://notcve.org/view.php?id=CVE-2024-28108
25 Mar 2024 — phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. Due to insufficient validation on the `contentLink` parameter, it is possible for unauthenticated users to inject HTML code to the page which might affect other users. _Also, requires that adding new FAQs is allowed for guests and that the admin doesn't check the content of a newly added FAQ._ This vulnerability is fixed in 3.2.6. phpMyFAQ es una aplicación web de preguntas frecuentes de código abierto par... • https://github.com/thorsten/phpMyFAQ/commit/4fed1d9602f0635260f789fe85995789d94d6634 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 9.0EPSS: 1%CPEs: 1EXPL: 0CVE-2024-28107 – phpMyFAQ SQL injections at insertentry & saveentry
https://notcve.org/view.php?id=CVE-2024-28107
25 Mar 2024 — phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. A SQL injection vulnerability has been discovered in the `insertentry` & `saveentry` when modifying records due to improper escaping of the email address. This allows any authenticated user with the rights to add/edit FAQ news to exploit this vulnerability to exfiltrate data, take over accounts and in some cases, even achieve RCE. This vulnerability is fixed in 3.2.6. phpMyFAQ es una aplicación web de preg... • https://github.com/thorsten/phpMyFAQ/commit/d0fae62a72615d809e6710861c1a7f67ac893007 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28106 – phpMyFAQ Stored XSS at FAQ News Content
https://notcve.org/view.php?id=CVE-2024-28106
25 Mar 2024 — phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. By manipulating the news parameter in a POST request, an attacker can inject malicious JavaScript code. Upon browsing to the compromised news page, the XSS payload triggers. This vulnerability is fixed in 3.2.6. phpMyFAQ es una aplicación web de preguntas frecuentes de código abierto para PHP 8.1+ y MySQL, PostgreSQL y otras bases de datos. Al manipular el parámetro de noticias en una solicitud POST, un at... • https://github.com/thorsten/phpMyFAQ/commit/c94b3deadd87789389e1fad162bc3dd595c0e15a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.3EPSS: 2%CPEs: 1EXPL: 0CVE-2024-28105 – phpMyFAQ's File Upload Bypass at Category Image Leads to RCE
https://notcve.org/view.php?id=CVE-2024-28105
25 Mar 2024 — phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The category image upload function in phpmyfaq is vulnerable to manipulation of the `Content-type` and `lang` parameters, allowing attackers to upload malicious files with a .php extension, potentially leading to remote code execution (RCE) on the system. This vulnerability is fixed in 3.2.6. phpMyFAQ es una aplicación web de preguntas frecuentes de código abierto para PHP 8.1+ y MySQL, PostgreSQL y otras ... • https://github.com/thorsten/phpMyFAQ/commit/9136883776af67dfdb0e8cf14f5e0ca22bf4f2e7 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27300 – phpMyFAQ Stored XSS at user email
https://notcve.org/view.php?id=CVE-2024-27300
25 Mar 2024 — phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The `email` field in phpMyFAQ's user control panel page is vulnerable to stored XSS attacks due to the inadequacy of PHP's `FILTER_VALIDATE_EMAIL` function, which only validates the email format, not its content. This vulnerability enables an attacker to execute arbitrary client-side JavaScript within the context of another user's phpMyFAQ session. This vulnerability is fixed in 3.2.6. phpMyFAQ es una apli... • https://github.com/thorsten/phpMyFAQ/commit/09336b0ff0e0a04aa0c97c5975651af4769d2459 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •