Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown
CVE-2014-0813
Disclosure Date: February 14, 2014 (last updated October 05, 2023)
Cross-site request forgery (CSRF) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to hijack the authentication of arbitrary users for requests that modify settings.
0
Attacker Value
Unknown
CVE-2014-0814
Disclosure Date: February 14, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
Attacker Value
Unknown
CVE-2010-4821
Disclosure Date: October 22, 2012 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.6.9 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.
0
Attacker Value
Unknown
CVE-2011-4825
Disclosure Date: December 15, 2011 (last updated October 04, 2023)
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted parameters.
0
