Security
Headlines
HeadlinesLatestCVEs

Tag

#php

CVE-2023-1882: fix: added missing conversion to HTML entities · thorsten/phpMyFAQ@49db615

Cross-site Scripting (XSS) - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

CVE
Open in Source
#xss#git#php
CVE-2023-1884: fix: added missing conversion to HTML entities · thorsten/phpMyFAQ@7f0f921

Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

CVE-2023-1880: Reflected XSS in send2friend.php in phpmyfaq

Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

CVE-2023-1878: Stored XSS in the adminlog functionality. in phpmyfaq

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

Bus Pass Management System 1.0 Cross Site Scripting

Bus Pass Management System version 1.0 suffers persistent cross site scripting vulnerabilities.

CVE-2023-1757: fix: added missing validation of URLs and conversion to HTML entities · thorsten/phpMyFAQ@5061e58

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

CVE-2023-1758: fix: added missing conversion to HTML entities · thorsten/phpMyFAQ@f3380f4

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository thorsten/phpmyfaq prior to 3.1.12.

CVE-2023-1756: stored XSS after XSS Filter Bypass through exporting an HTML-Document in phpmyfaq

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.12.