Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

Customer Support

phpMyFAQ

phpMyFAQ is an open source FAQ system using PHP. phpMyFAQ is a multilingual completely database-driven FAQ-system. It supports various databases to store all data PHP 5.3.3 (or higher) is needed in order to access this data. phpMyFAQ also offers a multi-language Content Management-System with a WYSIWYG editor and an Image Manager flexible multi-user support with user and group based permissions

Official Site:

http://www.phpmyfaq.de/

Severity Summary:

Critical: 12 High: 24 Medium: 85 Low: 2
Reference
Title
Severity
CVE-2023-0789
phpMyFAQ Improper Neutralization of Special Elements used in a Command (Command Injection) Vulnerability
Critical
CVE-2023-0307
phpMyFAQ Weak Password Requirements Vulnerability
Critical
CVE-2023-5865
phpMyFAQ Insufficient Session Expiration Vulnerability
Critical
CVE-2023-5227
phpMyFAQ Unrestricted Upload of File with Dangerous Type Vulnerability
Critical
CVE-2023-4006
phpMyFAQ Improper Neutralization of Formula Elements in a CSV File Vulnerability
Critical
CVE-2023-2429
phpMyFAQ Improper Access Control Vulnerability
Critical
CVE-2023-1886
phpMyFAQ Authentication Bypass by Capture-replay Vulnerability
Critical
CVE-2022-3754
phpMyFAQ Weak Password Requirements Vulnerability
Critical
CVE-2023-1753
phpMyFAQ Weak Password Requirements Vulnerability
Critical
CVE-2023-0788
phpMyFAQ Improper Control of Generation of Code (Code Injection) Vulnerability
Critical
CVE-2023-0311
phpMyFAQ Improper Authentication Vulnerability
Critical
CVE-2017-11187
phpMyFAQ Improper Restriction of Excessive Authentication Attempts Vulnerability
Critical
CVE-2006-6912
phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2006-6913
phpMyFAQ Other Vulnerability
High
CVE-2022-3608
phpMyFAQ Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
High
CVE-2022-4409
phpMyFAQ Cleartext Transmission of Sensitive Information Vulnerability
High
CVE-2018-16651
phpMyFAQ Improper Neutralization of Formula Elements in a CSV File Vulnerability
High
CVE-2023-0793
phpMyFAQ Weak Password Requirements Vulnerability
High
CVE-2018-16650
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2011-4825
phpMyFAQ Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2023-1762
phpMyFAQ Improper Privilege Management Vulnerability
High
CVE-2024-27299
phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2024-28105
phpMyFAQ Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2024-28107
phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2010-4558
phpMyFAQ Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2023-0790
phpMyFAQ Uncaught Exception Vulnerability
High
CVE-2017-15730
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2017-15734
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2017-15732
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2017-15733
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability
High