Phpmyfaq/phpmyfaq
This hub aggregates every CVE we track for Phpmyfaq/phpmyfaq, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
18
CVEs tracked
0
Critical
6
High
0
In CISA KEV
Severity distribution
MEDIUM11HIGH6LOW1
Monthly trend
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
1
1
3
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Phpmyfaq/phpmyfaq.
- CVE-2026-24422phpMyFAQ: Public API endpoints expose emails and invisible questions5.3
- CVE-2026-24420phpMyFAQ: Attachment download allowed without dlattachment right (broken access control)6.5
- CVE-2026-24421phpMyFAQ missing authorization exposes /api/setup/backup to any authenticated user6.5
- CVE-2023-53929phpMyFAQ 3.1.12 CSV Injection via User Profile Export8.8
- CVE-2025-62519phpMyFAQ has Authenticated SQL Injection in Configuration Update Functionality7.2
- CVE-2024-56199phpMyFAQ Vulnerable to Stored HTML Injection at FAQ5.2
- CVE-2024-29196phpMyFAQ Path Traversal in Attachments3.8
- CVE-2024-29179phpMyFAQ Stored Cross-site Scripting at File Attachments4.8
- CVE-2024-28108phpMyFAQ Stored HTML Injection at contentLink4.7
- CVE-2024-28107phpMyFAQ SQL injections at insertentry & saveentry8.8
- CVE-2024-28106phpMyFAQ Stored XSS at FAQ News Content4.3
- CVE-2024-28105phpMyFAQ's File Upload Bypass at Category Image Leads to RCE7.2
- CVE-2024-27300phpMyFAQ Stored XSS at user email5.5
- CVE-2024-27299phpMyFAQ SQL Injection at "Save News"8.8
- CVE-2024-24574phpMyFAQ vulnerable to stored XSS on attachments filename6.5
Product normalization is registry-driven with AI assist and human review. How it works