vulnerability

FreeBSD: VID-439f3f81-7a49-11ed-97ac-589cfc0f81b0: phpmyfaq -- multiple vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:M/Au:S/C:P/I:P/A:N)	Dec 12, 2022	Dec 14, 2022	Dec 10, 2025

Severity

CVSS

(AV:N/AC:M/Au:S/C:P/I:P/A:N)

Published

Dec 12, 2022

Added

Dec 14, 2022

Modified

Dec 10, 2025

Description

phpmyfaq developers report: an authenticated SQL injection when adding categories in the admin backend a stored cross-site scripting vulnerability in the category name a stored cross-site scripting vulnerability in the admin logging a stored cross-site scripting vulnerability in the FAQ title a PostgreSQL based SQL injection for the lang parameter a SQL injection when storing an instance name in the admin backend a SQL injection when adding attachments in the admin backend a stored cross-site scripting vulnerability when adding users by admins a missing "secure" flag for cookies when using TLS a cross-site request forgery / cross-site scripting vulnerability when saving new questions a reflected cross-site scripting vulnerability in the admin backend

Solution

freebsd-upgrade-package-phpmyfaq

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today