Known Vulnerabilities for products from Phpmyfaq

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Phpmyfaq".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2026-34974 json	phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the regex-based SVG sanitizer in phpMyFAQ (SvgSanitiz...	Not Provided	2026-04-02	2026-04-06
CVE-2026-34973 json	phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the searchCustomPages() method in phpmyfaq/src/phpMyF...	Not Provided	2026-04-02	2026-04-06
CVE-2026-34729 json	phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, there is a stored XSS vulnerability via Regex Bypass ...	Not Provided	2026-04-02	2026-04-07
CVE-2026-34728 json	phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the MediaBrowserController::index() method handles fi...	Not Provided	2026-04-02	2026-04-07
CVE-2026-32629 json	phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, an unauthenticated attacker can submit a guest FAQ wi...	Not Provided	2026-04-02	2026-04-07
CVE-2023-5867 json	Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.2.	5.4 - MEDIUM	2023-10-31	2023-11-08
CVE-2023-5866 json	Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1.	5.7 - MEDIUM	2023-10-31	2023-11-08
CVE-2023-5865 json	Insufficient Session Expiration in GitHub repository thorsten/phpmyfaq prior to 3.2.2.	9.8 - CRITICAL	2023-10-31	2023-11-09
CVE-2023-5864 json	Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.1.	4.8 - MEDIUM	2023-10-31	2023-11-08
CVE-2023-5863 json	Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.2.2.	6.1 - MEDIUM	2023-10-31	2023-11-08
CVE-2023-5320 json	Cross-site Scripting (XSS) - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.18.	6.1 - MEDIUM	2023-09-30	2023-10-02
CVE-2023-5319 json	Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.18.	5.4 - MEDIUM	2023-09-30	2023-10-02
CVE-2023-5317 json	Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.18.	5.4 - MEDIUM	2023-09-30	2023-10-02
CVE-2023-5316 json	Cross-site Scripting (XSS) - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.18.	6.1 - MEDIUM	2023-09-30	2023-10-02
CVE-2023-5227 json	Unrestricted Upload of File with Dangerous Type in GitHub repository thorsten/phpmyfaq prior to 3.1.8.	9.8 - CRITICAL	2023-09-30	2023-10-02
CVE-2023-4007 json	Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.16.	5.4 - MEDIUM	2023-07-31	2023-08-03
CVE-2023-4006 json	Improper Neutralization of Formula Elements in a CSV File in GitHub repository thorsten/phpmyfaq prior to 3.1.16.	9.8 - CRITICAL	2023-07-31	2023-08-03
CVE-2023-3469 json	Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.2.0-beta.2.	4.8 - MEDIUM	2023-06-30	2023-07-06
CVE-2023-2999 json	Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.14.	6.1 - MEDIUM	2023-05-31	2023-06-03
CVE-2023-2998 json	Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.14.	6.1 - MEDIUM	2023-05-31	2023-06-03

Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Phpmyfaq

Type	Vendor	Product	Version
Application	Phpmyfaq	Phpmyfaq	0.1