Security
Headlines
HeadlinesLatestCVEs

Tag

#php

CVE-2023-25727: Security - PMASA-2023-1

In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface.

CVE
Open in Source
#sql#xss#vulnerability#web#php#auth
GHSA-gf34-hh5r-f74h: Cross-site Scripting in thorsten/phpmyfaq

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

GHSA-c38p-vw6j-qjpr: Cross-site Scripting in thorsten/phpmyfaq

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

GHSA-6vv4-qq3r-9rv8: Uncaught Exception in thorsten/phpmyfaq

Uncaught Exception in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

GHSA-gxxj-x426-xj2w: Cross-site Scripting in thorsten/phpmyfaq

Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

GHSA-6vp5-vv9p-7q62: Command Injection in thorsten/phpmyfaq

Command Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

GHSA-r6cw-356h-mvwg: Code Injection in thorsten/phpmyfaq

Code Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

GHSA-wjrj-jc3w-ppfw: Code Injection in thorsten/phpmyfaq

Code Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

GHSA-fxrq-xhj9-rf5j: Weak Password Requirements in thorsten/phpmyfaq

Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.11.

CVE-2023-0786: fix: added missing conversion to HTML entities · thorsten/phpMyFAQ@ce676eb

Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.11.