Phpmyfaq
by PhpMyAdmin
Source repositories
CVEs (56)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-7579 | | Med | 0.40 | 6.1 | 0.01 | | Apr 7, 2017 | inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field. |
| CVE-2017-15727 | | Med | 0.38 | 5.4 | 0.02 | | Oct 22, 2017 | In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment. |
| CVE-2004-2257 | | Med | 0.35 | 5.3 | 0.02 | | Dec 31, 2004 | phpMyFAQ 1.4.0 allows remote attackers to access the Image Manager to upload or delete images without authorization via a direct request. |
| CVE-2026-34973 | | Med | 0.34 | 5.3 | 0.00 | | Apr 2, 2026 | phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the searchCustomPages() method in phpmyfaq/src/phpMyFAQ/Search.php uses real_escape_string() (via escape()) to sanitize the search term before embedding it in LIKE clauses. However, real_escape_string() does… |
| CVE-2017-14618 | | Med | 0.34 | 4.8 | 0.02 | | Sep 20, 2017 | Cross-site scripting (XSS) vulnerability in inc/PMF/Faq.php in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the Questions field in an "Add New FAQ" action. |
| CVE-2026-34729 | | Med | 0.33 | 6.1 | 0.00 | | Apr 2, 2026 | phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, there is a stored XSS vulnerability via Regex Bypass in Filter::removeAttributes(). This issue has been patched in version 4.1.1. |
| CVE-2026-32629 | | Med | 0.33 | 6.1 | 0.00 | | Apr 2, 2026 | phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, an unauthenticated attacker can submit a guest FAQ with an email address that is syntactically valid per RFC 5321 (quoted local part) yet contains raw HTML — for example… |
| CVE-2014-6050 | | Med | 0.31 | 5.3 | 0.05 | | Aug 28, 2018 | phpMyFAQ before 2.8.13 allows remote attackers to bypass the CAPTCHA protection mechanism by replaying the request. |
| CVE-2014-6048 | | Med | 0.31 | 5.3 | 0.06 | | Aug 28, 2018 | phpMyFAQ before 2.8.13 allows remote attackers to read arbitrary attachments via a direct request. |
| CVE-2014-6047 | | Med | 0.31 | 5.3 | 0.06 | | Aug 28, 2018 | phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to read arbitrary attachments by leveraging incorrect "download an attachment" permission checks. |
| CVE-2017-15728 | | Med | 0.31 | 4.8 | 0.01 | | Oct 22, 2017 | In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via metaDescription or metaKeywords. |
| CVE-2026-34974 | | Med | 0.28 | 5.4 | 0.00 | | Apr 2, 2026 | phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the regex-based SVG sanitizer in phpMyFAQ (SvgSanitizer.php) can be bypassed using HTML entity encoding in javascript: URLs within SVG attributes. Any user with edit_faq permission can upload a… |
| CVE-2014-6049 | | Low | 0.14 | 2.7 | 0.03 | | Aug 28, 2018 | phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass authorization via a crafted instance ID parameter. |
| CVE-2026-48488 | | Low | 0.11 | — | 0.00 | | Jun 8, 2026 | phpMyFAQ is an open source FAQ web application. Prior to version 4.1.4, attachment passwords are hashed using SHA-1, a cryptographically broken algorithm. SHA-1 has been vulnerable to collision attacks since 2017 (SHAttered). Version 4.1.4 fixes the issue. |
| CVE-2011-4825 | | | 0.06 | — | 0.41 | | Dec 15, 2011 | Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into… |
| CVE-2005-3048 | | | 0.04 | — | 0.08 | | Sep 24, 2005 | Directory traversal vulnerability in index.php in PhpMyFaq 1.5.1 allows remote attackers to read arbitrary files or include arbitrary PHP files via a .. (dot dot) in the LANGCODE parameter, which also allows direct code injection via the User Agent field in a request packet,… |
| CVE-2006-6912 | | | 0.03 | — | 0.01 | | Dec 31, 2006 | SQL injection vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the userfile or filename parameter. |
| CVE-2026-56396 | | | 0.00 | — | 0.00 | | Jun 21, 2026 | phpMyFAQ before 4.1.4 contains missing authorization vulnerabilities in editUser() and updateUserRights() endpoints that allow authenticated administrators to escalate privileges. Non-SuperAdmin users with edit_user permission can set is_superadmin flag or grant arbitrary rights… |
| CVE-2026-49205 | | | 0.00 | — | 0.00 | | Jun 18, 2026 | phpMyFAQ is an open source FAQ web application. Versions prior to 4.1.4 have Missing Authorization in the API CategoryController. CVE-2026-24421 addressed this in the BackupController by adding: $this->userHasPermission(PermissionType::BACKUP). The same fix was not applied to 4… |
| CVE-2014-0814 | | | 0.00 | — | 0.02 | | Feb 14, 2014 | Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
Page 2 of 3