Vulnerabilities in thorsten
115 results

CVE-2022-4409 | MEDIUM | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in thorsten/phpmyfaq | EPSS 0.4%
CVE-2026-24420 | MEDIUM | phpMyFAQ: Attachment download allowed without dlattachment right (broken access control) | EPSS 0.4%
CVE-2023-5316 | CRITICAL | Cross-site Scripting (XSS) - DOM in thorsten/phpmyfaq | EPSS 0.4%
CVE-2023-5867 | MEDIUM | Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq | EPSS 0.4%
CVE-2023-5319 | HIGH | Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq | EPSS 0.4%
CVE-2026-27836 | HIGH | phpMyFAQ Allows Unauthenticated Account Creation via WebAuthn Prepare Endpoint | EPSS 0.4%
CVE-2023-0313 | MEDIUM | Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq | EPSS 0.4%
CVE-2024-56199 | MEDIUM | phpMyFAQ Vulnerable to Stored HTML Injection at FAQ | EPSS 0.4%
CVE-2026-35672 | HIGH | phpMyFAQ - Authentication Bypass via Empty API Token | EPSS 0.4%
CVE-2025-59943 | HIGH | phpMyFAQ duplicate email registration allows multiple accounts with the same email | EPSS 0.4%
CVE-2026-24422 | MEDIUM | phpMyFAQ: Public API endpoints expose emails and invisible questions | EPSS 0.4%
CVE-2026-45010 | CRITICAL | phpMyFAQ - Unauthenticated Two-Factor Authentication Brute-Force via /admin/check Endpoint | EPSS 0.3%
CVE-2026-34973 | MEDIUM | phpMyFAQ has a LIKE Wildcard Injection in Search.php — Unescaped % and _ Metacharacters Enable Broad Content Disclosure | EPSS 0.3%
CVE-2023-5317 | MEDIUM | Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq | EPSS 0.3%
CVE-2026-35675 | HIGH | phpMyFAQ - Authentication Bypass via Missing Password Reset Token in /api/user/password/update | EPSS 0.3%
CVE-2026-46362 | HIGH | phpMyFAQ - Authorization Bypass in Admin Pages via Non-Terminating Permission Check | EPSS 0.3%
CVE-2026-35671 | HIGH | phpMyFAQ - Insecure Direct Object Reference in User Password API | EPSS 0.3%
CVE-2023-5866 | MEDIUM | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in thorsten/phpmyfaq | EPSS 0.3%
CVE-2026-45008 | HIGH | phpMyFAQ - Path Traversal in Client::deleteClientFolder via URL Parameter | EPSS 0.3%
CVE-2026-32629 | MEDIUM | phpMyFAQ: Stored XSS via Unsanitized Email Field in Admin FAQ Editor | EPSS 0.3%