Security
Headlines
HeadlinesLatestCVEs

Tag

#php

CVE-2023-1886: Captcha Bypass allows sending unlimited Comments in phpmyfaq

Authentication Bypass by Capture-replay in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

CVE
Open in Source
#git#php#auth
CVE-2023-1879: Stored XSS @ updatecategory in phpmyfaq

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

CVE-2023-1885: fix: added missing conversion to HTML entities · thorsten/phpMyFAQ@fecc803

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

CVE-2023-1883: fix: added check if news or FAQs are active · thorsten/phpMyFAQ@db77df8

Improper Access Control in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

CVE-2023-1882: fix: added missing conversion to HTML entities · thorsten/phpMyFAQ@49db615

Cross-site Scripting (XSS) - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

CVE-2023-1884: fix: added missing conversion to HTML entities · thorsten/phpMyFAQ@7f0f921

Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

CVE-2023-1880: Reflected XSS in send2friend.php in phpmyfaq

Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

CVE-2023-1878: Stored XSS in the adminlog functionality. in phpmyfaq

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

Bus Pass Management System 1.0 Cross Site Scripting

Bus Pass Management System version 1.0 suffers persistent cross site scripting vulnerabilities.