Packagist (Composer) package
thorsten/phpmyfaq
pkg:composer/thorsten/phpmyfaq
Vulnerabilities (89)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-0306 | — | < 3.1.10 | 3.1.10 | Jan 15, 2023 | Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. | ||
| CVE-2022-4409 | — | < 3.1.9 | 3.1.9 | Dec 11, 2022 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.1.9. | ||
| CVE-2022-4408 | — | < 3.1.9 | 3.1.9 | Dec 11, 2022 | Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.9. | ||
| CVE-2022-4407 | — | < 3.1.9 | 3.1.9 | Dec 11, 2022 | Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.9. | ||
| CVE-2022-3766 | — | < 3.1.8 | 3.1.8 | Oct 31, 2022 | Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8. | ||
| CVE-2022-3765 | — | < 3.1.8 | 3.1.8 | Oct 31, 2022 | Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.8. | ||
| CVE-2022-3754 | — | < 3.1.8 | 3.1.8 | Oct 29, 2022 | Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8. | ||
| CVE-2022-3608 | — | < 3.2.0-alpha | 3.2.0-alpha | Oct 19, 2022 | Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-alpha. | ||
| CVE-2018-16650 | Hig | 8.8 | < 2.9.11 | 2.9.11 | Sep 7, 2018 | phpMyFAQ before 2.9.11 allows CSRF. |
- CVE-2023-0306Jan 15, 2023affected < 3.1.10fixed 3.1.10
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.
- CVE-2022-4409Dec 11, 2022affected < 3.1.9fixed 3.1.9
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.1.9.
- CVE-2022-4408Dec 11, 2022affected < 3.1.9fixed 3.1.9
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.9.
- CVE-2022-4407Dec 11, 2022affected < 3.1.9fixed 3.1.9
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.9.
- CVE-2022-3766Oct 31, 2022affected < 3.1.8fixed 3.1.8
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
- CVE-2022-3765Oct 31, 2022affected < 3.1.8fixed 3.1.8
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
- CVE-2022-3754Oct 29, 2022affected < 3.1.8fixed 3.1.8
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
- CVE-2022-3608Oct 19, 2022affected < 3.2.0-alphafixed 3.2.0-alpha
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-alpha.
- affected < 2.9.11fixed 2.9.11
phpMyFAQ before 2.9.11 allows CSRF.
Page 5 of 5