thorsten/phpmyfaq vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the thorsten/phpmyfaq package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
User Interface (UI) Misrepresentation of Critical Information

<3.2.10
  • C
Credential Exposure

<4.0.0
  • H
SQL Injection

>=3.2.5, <3.2.6
  • M
Cross-site Scripting (XSS)

>=3.2.5, <3.2.6
  • M
Cross-site Scripting (XSS)

>=3.2.5, <3.2.6
  • H
Arbitrary File Upload

>=3.2.5, <3.2.6
  • H
SQL Injection

>=3.2.5, <3.2.6
  • M
Cross-site Scripting (XSS)

>=3.2.5, <3.2.6
  • L
Directory Traversal

>=3.2.5, <3.2.6
  • M
Cross-site Scripting (XSS)

>=3.2.5, <3.2.6
  • M
Improper Access Control

<3.2.5
  • M
Cross-site Scripting (XSS)

<3.2.5
  • M
Improper Access Control

<3.2.5
  • M
Cross-site Scripting (XSS)

<3.1.17
  • M
Cross-site Scripting (XSS)

<3.1.17
  • M
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

<3.2.2
  • M
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

<3.2.1
  • M
Cross-site Scripting (XSS)

<3.2.2
  • M
Sensitive Cookie Without 'Secure' Attribute

<3.2.1
  • H
Insufficient Session Expiration

<3.2.2
  • M
Cross-site Scripting (XSS)

<3.1.18
  • M
Cross-site Scripting (XSS)

<3.1.18
  • M
Cross-site Scripting (XSS)

<3.1.18
  • M
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

<3.1.18
  • M
Unrestricted Upload of File with Dangerous Type

<3.1.8
  • M
Cross-site Scripting (XSS)

<3.1.16
  • H
Improper Input Validation

<3.1.16
  • M
Cross-site Scripting (XSS)

<3.2.0-RC
  • M
Cross-site Scripting (XSS)

<3.1.14
  • M
Cross-site Scripting (XSS)

<3.1.14
  • M
Cross-site Scripting (XSS)

<3.2.0-beta
  • M
Cross-site Scripting (XSS)

<3.2.0-beta
  • M
Cross-site Scripting (XSS)

<3.1.13
  • M
Cross-site Scripting (XSS)

<3.1.13
  • M
Cross-site Scripting (XSS)

<3.1.13
  • M
Access Restriction Bypass

<3.1.13
  • M
Cross-site Scripting (XSS)

<3.1.12
  • H
Cross-site Scripting (XSS)

<3.1.12
  • M
Cross-site Scripting (XSS)

<3.1.12
  • H
Cross-site Scripting (XSS)

<3.1.12
  • M
Access Control Bypass

<3.1.12
  • H
Cross-site Scripting (XSS)

<3.1.12
  • M
Cross-site Scripting (XSS)

<3.1.12
  • H
Cross-site Scripting (XSS)

<3.1.12
  • M
Cross-site Scripting (XSS)

<3.1.12
  • M
Cross-site Scripting (XSS)

<3.1.12
  • H
Replay Attack

<3.1.12
  • H
Cross-site Scripting (XSS)

<3.1.12
  • H
Business Logic Errors

<3.1.12
  • H
Cross-site Scripting (XSS)

>=0.0.0, <3.1.12
  • M
Weak Password Requirements

>=0.0.0, <3.1.12
  • M
Improper Input Validation

>=0.0.0, <3.1.12
  • H
Cross-site Scripting (XSS)

>=0.0.0, <3.1.12
  • M
Cross-site Scripting (XSS)

>=0.0.0, <3.1.12
  • M
Arbitrary Code Injection

>=0.0.0, <3.1.12
  • H
Improper Privilege Management

<3.1.12
  • H
Misinterpretation of Input

<3.1.11
  • H
Arbitrary Command Injection

<3.1.11
  • H
Arbitrary Code Injection

>=0.0.0, <3.1.11
  • M
Cross-site Scripting (XSS)

>=0.0.0, <3.1.11
  • H
Uncaught Exception

>=0.0.0, <3.1.11
  • M
Arbitrary Code Injection

>=0.0.0, <3.1.11
  • H
Cross-site Scripting (XSS)

>=0.0.0, <3.1.11
  • H
Cross-site Scripting (XSS)

>=0.0.0, <3.1.11
  • H
Weak Password Requirements

>=0.0.0, <3.1.11
  • M
Cross-site Scripting (XSS)

>=0.0.0, <3.1.11
  • H
Cross-site Scripting (XSS)

<3.1.10
  • H
Cross-site Scripting (XSS)

<3.1.10
  • H
Cross-site Scripting (XSS)

<3.1.10
  • M
Weak Password Requirements

<3.1.10
  • M
Cross-site Scripting (XSS)

<3.1.10
  • M
Cross-site Scripting (XSS)

<3.1.10
  • M
Cross-site Scripting (XSS)

<3.1.10
  • M
Improper Authentication

<3.1.10
  • M
Access Restriction Bypass

<3.1.10
  • H
Cross-site Scripting (XSS)

<3.1.10
  • M
Cross-site Scripting (XSS)

<3.1.9
  • M
Cross-site Scripting (XSS)

<3.1.9
  • M
Information Exposure

<3.1.9
  • M
Cross-site Scripting (XSS)

<3.1.8
  • M
Cross-site Scripting (XSS)

<3.1.8
  • M
Weak Password Requirements

<3.1.8
  • M
Cross-site Scripting (XSS)

>=0.0.0, <3.2.0-alpha
  • H
CSV Injection

<2.9.11
  • H
Cross-site Request Forgery (CSRF)

<2.9.11
  • M
Cross-site Scripting (XSS)

<2.9.9
  • H
Cross-Site Request Forgery (CSRF)

<2.9.9
  • H
Cross-Site Request Forgery (CSRF)

<2.9.9
  • H
Cross-Site Request Forgery (CSRF)

<2.9.9
  • M
Cross-Site Request Forgery (CSRF)

<2.9.9
  • H
Cross-Site Request Forgery (CSRF)

<2.9.9
  • H
Cross-Site Request Forgery (CSRF)

<2.9.9
  • H
Cross-Site Request Forgery (CSRF)

<2.9.9
  • H
Cross-Site Request Forgery (CSRF)

<2.9.9
  • M
Cross-site Scripting (XSS)

<2.9.9
  • M
Cross-site Scripting (XSS)

<2.9.9