FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpmyfaq -- multiple vulnerabilities

Affected packages
		phpmyfaq	<	3.1.11

Details

VuXML ID	3eccc968-ab17-11ed-bd9e-589cfc0f81b0
Discovery	2023-02-12
Entry	2023-02-12

phpmyfaq developers report:

a bypass to flood admin with FAQ proposals

stored XSS in questions

stored HTML injections

weak passwords

[source]

References

URL	https://huntr.dev/bounties/06af150b-b481-4248-9a48-56ded2814156/
URL	https://huntr.dev/bounties/14fc4841-0f5d-4e12-bf9e-1b60d2ac6a6c/
URL	https://huntr.dev/bounties/7152b340-c6f3-4ac8-9f62-f764a267488d/
URL	https://huntr.dev/bounties/808d5452-607c-4af1-812f-26c49faf3e61/
URL	https://huntr.dev/bounties/87397c71-7b84-4617-a66e-fa6c73be9024/
URL	https://huntr.dev/bounties/8c74ccab-0d1d-4c6b-a0fa-803aa65de04f/
URL	https://huntr.dev/bounties/949975f1-271d-46aa-85e5-1a013cdb5efb/
URL	https://huntr.dev/bounties/9e21156b-ab1d-4c60-88ef-8c9f3e2feb7f/
URL	https://huntr.dev/bounties/b3881a1f-2f1e-45cb-86f3-735f66e660e9/
URL	https://huntr.dev/bounties/d9375178-2f23-4f5d-88bd-bba3d6ba7cc5/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.