phpMyFAQ CVE Vulnerabilities & CVE List (161)

Products (CPE): — CVEs: 161

phpMyFAQ vulnerability overview

Aggregates CVE and security vulnerability intelligence across all phpMyFAQ-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk csrf, vendor risk sql injection, vendor risk path handling, and vendor risk input validation and related problems; some flaws may lead to vendor impact data exposure.

Vulnerability distribution trend (last 24 months)

Showing 101120 of 161 CVEs
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2023-0787 Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.11. [email protected] 8.1 0.53% 2023-02-12 2026-06-17
CVE-2023-0786 Cross-site Scripting (XSS) - Generic in GitHub repository thorsten/phpmyfaq prior to 3.1.11. [email protected] 8.4 0.60% 2023-02-12 2026-06-17
CVE-2023-0314 Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.10. [email protected] 6.1 0.51% 2023-01-15 2026-06-17
CVE-2023-0313 Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. [email protected] 5.4 0.40% 2023-01-15 2026-06-17
CVE-2023-0312 Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. [email protected] 6.1 0.56% 2023-01-15 2026-06-17
CVE-2023-0311 Improper Authentication in GitHub repository thorsten/phpmyfaq prior to 3.1.10. [email protected] 9.8 0.93% 2023-01-15 2026-06-17
CVE-2023-0310 Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. [email protected] 5.4 0.55% 2023-01-15 2026-06-17
CVE-2023-0309 Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. [email protected] 5.4 0.49% 2023-01-15 2026-06-17
CVE-2023-0308 Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. [email protected] 5.4 0.49% 2023-01-15 2026-06-17
CVE-2023-0307 Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.10. [email protected] 9.8 0.64% 2023-01-15 2026-06-17
CVE-2023-0306 Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10. [email protected] 5.4 0.54% 2023-01-15 2026-06-17
CVE-2022-4409 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.1.9. [email protected] 7.5 0.42% 2022-12-11 2026-06-17
CVE-2022-4408 Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.9. [email protected] 5.4 0.48% 2022-12-11 2026-06-17
CVE-2022-4407 Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.9. [email protected] 6.1 4.38% 2022-12-11 2026-06-17
CVE-2022-3766 Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8. [email protected] 6.1 5.74% 2022-10-31 2026-06-17
CVE-2022-3765 Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.8. [email protected] 5.4 0.53% 2022-10-31 2026-06-17
CVE-2022-3754 Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8. [email protected] 9.8 1.14% 2022-10-29 2026-06-17
CVE-2022-3608 Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-alpha. [email protected] 8.4 0.92% 2022-10-19 2026-06-17
CVE-2018-16651 The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in reports. [email protected] 7.2 1.37% 2018-09-07 2026-06-16
CVE-2018-16650 phpMyFAQ before 2.9.11 allows CSRF. [email protected] 8.8 0.50% 2018-09-07 2026-06-16
cvelogic Threat Intelligence