FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
439f3f81-7a49-11ed-97ac-589cfc0f81b0phpmyfaq -- multiple vulnerabilities

phpmyfaq developers report:

an authenticated SQL injection when adding categories in the admin backend

a stored cross-site scripting vulnerability in the category name

a stored cross-site scripting vulnerability in the admin logging

a stored cross-site scripting vulnerability in the FAQ title

a PostgreSQL based SQL injection for the lang parameter

a SQL injection when storing an instance name in the admin backend

a SQL injection when adding attachments in the admin backend

a stored cross-site scripting vulnerability when adding users by admins

a missing "secure" flag for cookies when using TLS

a cross-site request forgery / cross-site scripting vulnerability when saving new questions

a reflected cross-site scripting vulnerability in the admin backend


Discovery 2022-12-11
Entry 2022-12-12
phpmyfaq
< 3.1.9

https://huntr.dev/bounties/a1649f43-78c9-4927-b313-36911872a84b/
https://huntr.dev/bounties/2ec4ddd4-de22-4f2d-ba92-3382b452bfea/
https://huntr.dev/bounties/5915ed4c-5fe2-42e7-8fac-5dd0d032727c/
https://huntr.dev/bounties/5944f154-c0ab-4547-9d9d-3101e86eb975/
https://huntr.dev/bounties/315aa78d-7bd2-4b14-86f2-b5c211e62034/
https://huntr.dev/bounties/eb3a8ea3-daea-4555-a3e6-80b82f533792/
https://huntr.dev/bounties/faac0c92-8d4b-4901-a933-662b661a3f99/
https://huntr.dev/bounties/56499a60-2358-41fe-9b38-8cb23cdfc17c/
https://huntr.dev/bounties/f531bbf2-32c8-4efe-8156-ae9bc6b5d3aa/
https://huntr.dev/bounties/322c12b1-08d5-4ee3-9d94-d4bb40366c7a/
https://huntr.dev/bounties/f2857bc7-8fbc-489a-9a38-30b93300eec5/