thorsten/phpmyfaq

Packagist75 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting thorsten/phpmyfaqpage 1 of 2

CVE-2018-16650HIGHCVSS 8.8✓ Fixed in 2.9.11
2018-09-07
vulnerable: 2.8.0 ... 2.9.9 (60 versions)
phpMyFAQ before 2.9.11 allows CSRF.
CVE-2022-3608HIGHCVSS 8.4EG 8.4✓ Fixed in 3.2.0-alpha
2022-10-19
vulnerable: 2.10.0-alpha ... 3.1.9 (104 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-alpha.
CVE-2022-3754CRITICALCVSS 9.8EG 9.8✓ Fixed in 3.1.8
2022-10-29
vulnerable: 2.10.0-alpha ... 3.1.7 (99 versions)
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVE-2022-3765MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.1.8
2022-10-31
vulnerable: 2.10.0-alpha ... 3.1.7 (99 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVE-2022-3766MEDIUMCVSS 6.1EG 6.1✓ Fixed in 3.1.8
2022-10-31
vulnerable: 2.10.0-alpha ... 3.1.7 (99 versions)
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVE-2022-4407MEDIUMCVSS 6.1EG 6.1✓ Fixed in 3.1.9
2022-12-11
vulnerable: 2.10.0-alpha ... 3.1.8 (100 versions)
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.9.
CVE-2022-4408MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.1.9
2022-12-11
vulnerable: 2.10.0-alpha ... 3.1.8 (100 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.9.
CVE-2022-4409HIGHCVSS 7.5EG 7.5✓ Fixed in 3.1.9
2022-12-11
vulnerable: 2.10.0-alpha ... 3.1.8 (100 versions)
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.1.9.
CVE-2023-0306MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.1.10
2023-01-15
vulnerable: 2.10.0-alpha ... 3.1.9 (101 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.
CVE-2023-0307CRITICALCVSS 9.8EG 9.8✓ Fixed in 3.1.10
2023-01-15
vulnerable: 2.10.0-alpha ... 3.1.9 (101 versions)
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.10.
CVE-2023-0308MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.1.10
2023-01-15
vulnerable: 2.10.0-alpha ... 3.1.9 (101 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.
CVE-2023-0309MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.1.10
2023-01-15
vulnerable: 2.10.0-alpha ... 3.1.9 (101 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.
CVE-2023-0310MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.1.10
2023-01-15
vulnerable: 2.10.0-alpha ... 3.1.9 (101 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.
CVE-2023-0311CRITICALCVSS 9.8EG 9.8✓ Fixed in 3.1.10
2023-01-15
vulnerable: 2.10.0-alpha ... 3.1.9 (101 versions)
Improper Authentication in GitHub repository thorsten/phpmyfaq prior to 3.1.10.
CVE-2023-0312MEDIUMCVSS 6.1EG 6.1✓ Fixed in 3.1.10
2023-01-15
vulnerable: 2.10.0-alpha ... 3.1.9 (101 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.
CVE-2023-0313MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.1.10
2023-01-15
vulnerable: 2.10.0-alpha ... 3.1.9 (101 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.
CVE-2023-0314MEDIUMCVSS 6.1EG 6.1✓ Fixed in 3.1.10
2023-01-15
vulnerable: 2.10.0-alpha ... 3.1.9 (101 versions)
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.10.
CVE-2023-0786HIGHCVSS 8.4EG 8.4✓ Fixed in 3.1.11
2023-02-12
vulnerable: 2.10.0-alpha ... 3.1.9 (102 versions)
Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
CVE-2023-0787HIGHCVSS 8.1EG 8.1✓ Fixed in 3.1.11
2023-02-12
vulnerable: 2.10.0-alpha ... 3.1.9 (102 versions)
Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
CVE-2023-0788HIGHCVSS 8.1EG 8.1✓ Fixed in 3.1.11
2023-02-12
vulnerable: 2.10.0-alpha ... 3.1.9 (102 versions)
Code Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
CVE-2023-0789HIGHCVSS 8.1EG 8.1✓ Fixed in 3.1.11
2023-02-12
vulnerable: 2.10.0-alpha ... 3.1.9 (102 versions)
Command Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
CVE-2023-0790HIGHCVSS 7.6EG 7.6✓ Fixed in 3.1.11
2023-02-12
vulnerable: 2.10.0-alpha ... 3.1.9 (102 versions)
Uncaught Exception in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
CVE-2023-0791HIGHCVSS 8.3EG 8.3✓ Fixed in 3.1.11
2023-02-12
vulnerable: 2.10.0-alpha ... 3.1.9 (102 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
CVE-2023-0792MEDIUMCVSS 6.5EG 6.5✓ Fixed in 3.1.11
2023-02-12
vulnerable: 2.10.0-alpha ... 3.1.9 (102 versions)
Code Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
CVE-2023-0793HIGHCVSS 7.1EG 7.1✓ Fixed in 3.1.11
2023-02-12
vulnerable: 2.10.0-alpha ... 3.1.9 (102 versions)
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
CVE-2023-0794HIGHCVSS 8.3EG 8.3✓ Fixed in 3.1.11
2023-02-12
vulnerable: 2.10.0-alpha ... 3.1.9 (102 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
CVE-2023-0880HIGHCVSS 8.3EG 8.3✓ Fixed in 3.1.11
2023-02-17
vulnerable: 2.10.0-alpha ... 3.1.9 (102 versions)
Misinterpretation of Input in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
CVE-2023-1753MEDIUMCVSS 5.5EG 5.5✓ Fixed in 3.1.12
2023-03-31
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1754MEDIUMCVSS 4.7EG 4.7✓ Fixed in 3.1.12
2023-03-31
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Improper Neutralization of Input During Web Page Generation in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1755MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.1.12
2023-03-31
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1756MEDIUMCVSS 4.7EG 4.7✓ Fixed in 3.1.12
2023-04-05
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1757MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.1.12
2023-04-05
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1758MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.1.12
2023-04-05
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1759MEDIUMCVSS 4.8EG 4.8✓ Fixed in 3.1.12
2023-03-31
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1760MEDIUMCVSS 4.8EG 4.8✓ Fixed in 3.1.12
2023-03-31
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1761MEDIUMCVSS 6.3EG 6.3✓ Fixed in 3.1.12
2023-03-31
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Cross-site Scripting in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1762HIGHCVSS 8.8EG 8.8✓ Fixed in 3.1.12
2023-03-31
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Improper Privilege Management in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1875MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.1.12
2023-04-22
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1878MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.1.12
2023-04-05
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1879MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.1.12
2023-04-05
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1880MEDIUMCVSS 6.1EG 6.1✓ Fixed in 3.1.12
2023-04-05
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1882MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.1.12
2023-04-05
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Cross-site Scripting (XSS) - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1883MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.1.12
2023-04-05
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Improper Access Control in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1884MEDIUMCVSS 6.1EG 6.1✓ Fixed in 3.1.12
2023-04-05
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1885MEDIUMCVSS 6.3EG 6.3✓ Fixed in 3.1.12
2023-04-05
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1886HIGHCVSS 7.3EG 7.3✓ Fixed in 3.1.12
2023-04-05
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Authentication Bypass by Capture-replay in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-1887MEDIUMCVSS 4.3EG 4.3✓ Fixed in 3.1.12
2023-04-05
vulnerable: 2.10.0-alpha ... 3.1.9 (103 versions)
Business Logic Errors in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
CVE-2023-2427MEDIUMCVSS 4.8EG 4.8✓ Fixed in 3.1.13
2023-05-05
vulnerable: 2.10.0-alpha ... 3.1.9 (104 versions)
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.13.
CVE-2023-2428MEDIUMCVSS 5.4EG 5.4✓ Fixed in 3.1.13
2023-04-30
vulnerable: 2.10.0-alpha ... 3.1.9 (104 versions)
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.13.
CVE-2023-2429CRITICALCVSS 9.8EG 9.8✓ Fixed in 3.1.13
2023-04-30
vulnerable: 2.10.0-alpha ... 3.1.9 (104 versions)
Improper Access Control in GitHub repository thorsten/phpmyfaq prior to 3.1.13.

Check whether thorsten/phpmyfaq is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for thorsten/phpmyfaq CVEs against the assets you own.

Start Free Scan →