National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:phpmyfaq:phpmyfaq:2.9.9
There are 2 matching records.
Vuln ID Summary CVSS Severity
CVE-2018-16651

The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in reports.

Published: September 07, 2018; 01:29:00 AM -04:00
V3.0: 7.2 HIGH
    V2: 9.0 HIGH
CVE-2018-16650

phpMyFAQ before 2.9.11 allows CSRF.

Published: September 07, 2018; 01:29:00 AM -04:00
V3.0: 8.8 HIGH
    V2: 6.8 MEDIUM