FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
33888815-631e-4bba-b776-a9b46fe177b5phpmyfaq -- multiple issues

phpmyfaq developers report:

Cross-site scripting (XSS) vulnerability in inc/PMF/Faq.php in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the Questions field in an "Add New FAQ" action.

Cross-site scripting (XSS) vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module.


Discovery 2017-09-20
Entry 2017-09-29
phpmyfaq
le 2.9.8

https://www.exploit-db.com/exploits/42761/
https://github.com/thorsten/phpMyFAQ/commit/30b0025e19bd95ba28f4eff4d259671e7bb6bb86
CVE-2017-14618
CVE-2017-14619
1f655433-551b-11eb-9cda-589cfc0f81b0phpmyfaq -- XSS vulnerability

phpmyfaq developers report:

phpMyFAQ does not implement sufficient checks to avoid XSS injection for displaying tags.


Discovery 2020-12-23
Entry 2021-01-12
phpmyfaq
le 3.0.6

https://www.phpmyfaq.de/security/advisory-2020-12-23