FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpmyfaq -- multiple vulnerabilities

Affected packages
phpmyfaq < 3.1.8

Details

VuXML ID f5a48a7a-61d3-11ed-9094-589cfc0f81b0
Discovery 2022-10-24
Entry 2022-11-11

phpmyfaq developers report:

a pre-auth SQL injection in then saving user comments

a reflected cross-site scripting vulnerability in the search

a stored cross-site scripting vulnerability in the meta data administration

a weak password requirement

[source]

References

URL https://huntr.dev/bounties/613143a1-8e51-449a-b214-12458308835d/
URL https://huntr.dev/bounties/d9666520-4ff5-43bb-aacf-50c8e5570983/
URL https://huntr.dev/bounties/f4711d7f-1368-48ab-9bef-45f32e356c47/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.