Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Customer Support

phpMyFAQ

phpMyFAQ is an open source FAQ system using PHP. phpMyFAQ is a multilingual completely database-driven FAQ-system. It supports various databases to store all data PHP 5.3.3 (or higher) is needed in order to access this data. phpMyFAQ also offers a multi-language Content Management-System with a WYSIWYG editor and an Image Manager flexible multi-user support with user and group based permissions

Official Site:

http://www.phpmyfaq.de/

Severity Summary:

Critical: 13 High: 31 Medium: 88 Low: 2
Reference
Title
Severity
CVE-2023-2427
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-2998
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-15727
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-5863
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-15728
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2026-24421
phpMyFAQ Missing Authorization Vulnerability
Medium
CVE-2026-24420
phpMyFAQ Vulnerability
Medium
CVE-2017-15809
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2025-68951
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-29179
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-28108
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-27300
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-28106
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-5864
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-22208
phpMyFAQ Incorrect Authorization Vulnerability
Medium
CVE-2024-24574
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2024-22202
phpMyFAQ Improper Access Control Vulnerability
Medium
CVE-2023-6890
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-6889
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-1883
phpMyFAQ Improper Access Control Vulnerability
Medium
CVE-2023-5866
phpMyFAQ Sensitive Cookie in HTTPS Session Without Secure Attribute Vulnerability
Medium
CVE-2023-5867
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-1887
phpMyFAQ Business Logic Errors Vulnerability
Medium
CVE-2007-1032
phpMyFAQ Vulnerability
Medium
CVE-2023-1884
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2022-3766
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2022-4408
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-0306
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2014-0813
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2023-0308
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium