Security
Headlines
HeadlinesLatestCVEs

Tag

#php

GHSA-6vv4-qq3r-9rv8: Uncaught Exception in thorsten/phpmyfaq

Uncaught Exception in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

ghsa
Open in Source
#git#php
GHSA-gxxj-x426-xj2w: Cross-site Scripting in thorsten/phpmyfaq

Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

GHSA-6vp5-vv9p-7q62: Command Injection in thorsten/phpmyfaq

Command Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

GHSA-r6cw-356h-mvwg: Code Injection in thorsten/phpmyfaq

Code Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

GHSA-wjrj-jc3w-ppfw: Code Injection in thorsten/phpmyfaq

Code Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

GHSA-fxrq-xhj9-rf5j: Weak Password Requirements in thorsten/phpmyfaq

Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

CVE-2023-0786: fix: added missing conversion to HTML entities · thorsten/phpMyFAQ@ce676eb

Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

CVE-2015-10078

A vulnerability, which was classified as problematic, has been found in atwellpub Resend Welcome Email Plugin 1.0.1. This issue affects the function send_welcome_email_url of the file resend-welcome-email.php. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 1.0.2 is able to address this issue. The name of the patch is b14c1f66d307783f0ae74f88088a85999107695c. It is recommended to upgrade the affected component. The identifier VDB-220637 was assigned to this vulnerability.

CVE-2023-0793: fix: added missing check on password length · thorsten/phpMyFAQ@00c0409

Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

CVE-2023-0794: fix: added missing conversion to HTML entities · thorsten/phpMyFAQ@edf0f6f

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.11.