This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
1f655433-551b-11eb-9cda-589cfc0f81b0 | phpmyfaq -- XSS vulnerability phpmyfaq developers report:
Discovery 2020-12-23 Entry 2021-01-12 phpmyfaq le 3.0.6 https://www.phpmyfaq.de/security/advisory-2020-12-23 |
33888815-631e-4bba-b776-a9b46fe177b5 | phpmyfaq -- multiple issues phpmyfaq developers report:
Discovery 2017-09-20 Entry 2017-09-29 phpmyfaq le 2.9.8 https://www.exploit-db.com/exploits/42761/ https://github.com/thorsten/phpMyFAQ/commit/30b0025e19bd95ba28f4eff4d259671e7bb6bb86 CVE-2017-14618 CVE-2017-14619 |
395e0faa-ffa7-11e0-8ac4-6c626dd55a41 | phpmyfaq -- Remote PHP Code Injection Vulnerability The phpMyFAQ project reports:
Discovery 2011-10-25 Entry 2011-10-26 phpmyfaq < 2.6.19 http://www.phpmyfaq.de/advisory_2011-10-25.php http://forum.phpmyfaq.de/viewtopic.php?f=3&t=13402 |
3b86583a-66a7-11e3-868f-0025905a4771 | phpmyfaq -- arbitrary PHP code execution vulnerability The phpMyFAQ team reports:
Discovery 2013-11-26 Entry 2013-12-16 Modified 2013-12-17 phpmyfaq < 2.8.4 http://en.securitylab.ru/lab/PT-2013-41 http://www.phpmyfaq.de/advisory_2013-11-26.php |
4dd575b8-8f82-11e3-bb11-0025905a4771 | phpmyfaq -- multiple vulnerabilities The phpMyFAQ team reports:
Discovery 2014-02-04 Entry 2014-02-06 phpmyfaq < 2.8.6 CVE-2014-0813 CVE-2014-0814 http://www.phpmyfaq.de/advisory_2014-02-04.php |
99021f88-ca3c-11df-be21-00e018aa7788 | phpmyfaq -- cross site scripting vulnerabilities The phpMyFAQ project reports:
Discovery 2010-09-28 Entry 2010-10-02 phpmyfaq < 2.6.9 ports/151055 http://www.phpmyfaq.de/advisory_2010-09-28.php |
c6b9aee8-3071-11da-af18-000ae4641456 | phpmyfaq -- SQL injection, takeover, path disclosure, remote code execution If magic quotes are off there's a SQL injection when sending a forgotten password. It's possible to overwrite the admin password and to take over the whole system. In some files in the admin section there are some cross site scripting vulnerabilities. In the public frontend it's possible to include arbitrary php files. Discovery 2005-09-23 Entry 2005-09-29 phpmyfaq < 1.5.2 14927 14928 14929 14930 CVE-2005-3046 CVE-2005-3047 CVE-2005-3048 CVE-2005-3049 CVE-2005-3050 http://www.phpmyfaq.de/advisory_2005-09-23.php |
c80a3d93-8632-11e1-a374-14dae9ebcf89 | phpmyfaq -- Remote PHP Code Execution Vulnerability The phpMyFAQ project reports:
Discovery 2012-04-14 Entry 2012-04-14 phpmyfaq < 2.7.5 http://www.phpmyfaq.de/advisory_2012-04-14.php |
e65ad1bf-0d8b-11da-90d0-00304823c0d3 | pear-XML_RPC -- remote PHP code injection vulnerability A Hardened-PHP Project Security Advisory reports:
Note that several applications contains an embedded version on XML_RPC, therefor making them the vulnerable to the same code injection vulnerability. Discovery 2005-08-15 Entry 2005-08-15 Modified 2005-09-04 pear-XML_RPC < 1.4.0 phpmyfaq < 1.4.11 drupal < 4.6.3 eGroupWare < 1.0.0.009 phpAdsNew < 2.0.5 phpgroupware < 0.9.16.007 b2evolution < 0.9.0.12_2 CVE-2005-2498 http://b2evolution.net/news/2005/08/31/fix_for_xml_rpc_vulnerability_again_1 http://downloads.phpgroupware.org/changelog http://drupal.org/files/sa-2005-004/advisory.txt http://phpadsnew.com/two/nucleus/index.php?itemid=45 http://sourceforge.net/project/shownotes.php?release_id=349626 http://www.hardened-php.net/advisory_142005.66.html http://www.hardened-php.net/advisory_152005.67.html http://www.phpmyfaq.de/advisory_2005-08-15.php |
f87a9376-0943-11e6-8fc4-00a0986f28c4 | phpmyfaq -- cross-site request forgery vulnerability The phpMyFAQ team reports:
Discovery 2016-04-11 Entry 2016-04-23 phpmyfaq < 2.8.27 http://www.phpmyfaq.de/security/advisory-2016-04-11 https://www.htbridge.com/advisory/HTB23300 |