NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

CPE Product Version: cpe:/a:phpmyfaq:phpmyfaq:2.8.16

There are 89 matching records.

Displaying matches 61 through 80.

Vuln ID	Summary	CVSS Severity
CVE-2023-0310	Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. Published: January 15, 2023; 5:15:10 PM -0500	V3.1: 5.4 MEDIUM V2.0:(not available)
CVE-2023-0309	Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. Published: January 15, 2023; 5:15:10 PM -0500	V3.1: 5.4 MEDIUM V2.0:(not available)
CVE-2023-0308	Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. Published: January 15, 2023; 5:15:10 PM -0500	V3.1: 5.4 MEDIUM V2.0:(not available)
CVE-2023-0307	Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.10. Published: January 15, 2023; 5:15:10 PM -0500	V3.1: 9.8 CRITICAL V2.0:(not available)
CVE-2023-0306	Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. Published: January 15, 2023; 5:15:10 PM -0500	V3.1: 5.4 MEDIUM V2.0:(not available)
CVE-2022-4409	Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.1.9. Published: December 11, 2022; 10:15:10 AM -0500	V3.1: 7.5 HIGH V2.0:(not available)
CVE-2022-4408	Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.9. Published: December 11, 2022; 10:15:10 AM -0500	V3.1: 5.4 MEDIUM V2.0:(not available)
CVE-2022-4407	Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.9. Published: December 11, 2022; 10:15:10 AM -0500	V3.1: 6.1 MEDIUM V2.0:(not available)
CVE-2022-3766	Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8. Published: October 31, 2022; 7:15:10 AM -0400	V3.1: 6.1 MEDIUM V2.0:(not available)
CVE-2022-3765	Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.8. Published: October 31, 2022; 7:15:10 AM -0400	V3.1: 5.4 MEDIUM V2.0:(not available)
CVE-2022-3754	Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8. Published: October 29, 2022; 9:15:09 AM -0400	V3.1: 9.8 CRITICAL V2.0:(not available)
CVE-2022-3608	Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-alpha. Published: October 19, 2022; 9:15:08 AM -0400	V3.1: 8.4 HIGH V2.0:(not available)
CVE-2018-16651	The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in reports. Published: September 07, 2018; 1:29:00 AM -0400	V3.0: 7.2 HIGH V2.0: 9.0 HIGH
CVE-2018-16650	phpMyFAQ before 2.9.11 allows CSRF. Published: September 07, 2018; 1:29:00 AM -0400	V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM
CVE-2017-15809	In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a crafted tag. Published: October 23, 2017; 1:29:00 PM -0400	V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM
CVE-2017-15808	In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php. Published: October 23, 2017; 1:29:00 PM -0400	V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM
CVE-2017-15735	In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary. Published: October 22, 2017; 2:29:00 PM -0400	V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM
CVE-2017-15734	In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php. Published: October 22, 2017; 2:29:00 PM -0400	V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM
CVE-2017-15733	In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/ajax.attachment.php and admin/att.main.php. Published: October 22, 2017; 2:29:00 PM -0400	V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM
CVE-2017-15732	In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php. Published: October 22, 2017; 2:29:00 PM -0400	V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM