Login Sign Up

Phpmyfaq Security Vulnerabilities (CVEs)

Track 24 security vulnerabilities affecting Phpmyfaq products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

3 Critical
15 High
6 Medium
🔔 Get Alerts for Phpmyfaq
CVE-2026-24422 5.3

This vulnerability in phpMyFAQ exposes sensitive user information through multiple public API endpoints due to insufficient access controls. Attackers...

Jan 24, 2026
CVE-2026-24420 6.5

This vulnerability allows authenticated users without proper permissions to download FAQ attachments in phpMyFAQ due to flawed permission checks. It a...

Jan 24, 2026
CVE-2026-24421 6.5

This vulnerability in phpMyFAQ allows any authenticated user, regardless of permissions, to trigger configuration backups and retrieve the backup file...

Jan 24, 2026
CVE-2025-68951 5.4

This stored XSS vulnerability in phpMyFAQ allows attackers to inject malicious JavaScript into administrator browsers by registering users with specia...

Dec 29, 2025
CVE-2025-69200 7.5

An unauthenticated remote attacker can trigger generation and download of configuration backup ZIP files in vulnerable phpMyFAQ installations. This ex...

Dec 29, 2025
CVE-2023-53929 8.8

CVE-2023-53929 is a CSV injection vulnerability in phpMyFAQ 3.1.12 that allows authenticated users to inject malicious formulas into their profile nam...

Dec 17, 2025
CVE-2025-62519 7.2

An authenticated SQL injection vulnerability in phpMyFAQ allows users with 'Configuration Edit' permissions to execute arbitrary SQL commands. This ca...

Nov 17, 2025
CVE-2025-59943 8.1

phpMyFAQ versions 4.0-nightly-2025-10-03 and below allow multiple user accounts to be registered with the same email address due to missing uniqueness...

Oct 3, 2025
CVE-2024-56199 5.2

This vulnerability allows attackers to inject malicious HTML content into the phpMyFAQ editor, disrupting the user interface and potentially causing d...

Jan 2, 2025
CVE-2024-54141 8.6

phpMyFAQ versions before 4.0.0 expose database credentials in error messages when database connection fails. This allows attackers to obtain sensitive...

Dec 6, 2024
CVE-2024-28105 7.2

This vulnerability in phpMyFAQ allows attackers to upload malicious PHP files by manipulating Content-type and lang parameters during category image u...

Mar 25, 2024
CVE-2024-28107 8.8

A SQL injection vulnerability in phpMyFAQ allows authenticated users with FAQ news editing permissions to execute arbitrary SQL commands. This can lea...

Mar 25, 2024
CVE-2024-27299 8.8

A SQL injection vulnerability in phpMyFAQ's 'Add News' functionality allows authenticated users with news editing permissions to execute arbitrary SQL...

Mar 25, 2024
CVE-2023-5865 9.8

This vulnerability in phpMyFAQ allows attackers to maintain access to user sessions beyond intended expiration times. Attackers can hijack sessions to...

Oct 31, 2023
CVE-2023-5227 9.8

This vulnerability allows attackers to upload malicious files to phpMyFAQ servers due to insufficient file type validation. Affects all phpMyFAQ insta...

Sep 30, 2023
CVE-2023-2429 9.8

CVE-2023-2429 is an improper access control vulnerability in phpMyFAQ that allows attackers to bypass authentication and gain unauthorized access to a...

Apr 30, 2023
CVE-2023-1886 7.3

This CVE describes an authentication bypass vulnerability in phpMyFAQ where attackers can replay captured authentication data to gain unauthorized acc...

Apr 5, 2023
CVE-2023-1762 8.8

This CVE describes an improper privilege management vulnerability in phpMyFAQ versions prior to 3.1.12. It allows authenticated users to escalate priv...

Mar 31, 2023
CVE-2023-0880 8.3

CVE-2023-0880 is an input misinterpretation vulnerability in phpMyFAQ that allows attackers to manipulate input processing, potentially leading to una...

Feb 17, 2023
CVE-2023-0786 8.4

This CVE describes a cross-site scripting (XSS) vulnerability in phpMyFAQ software versions prior to 3.1.11. Attackers can inject malicious scripts in...

Feb 12, 2023
CVE-2023-0788 8.1

CVE-2023-0788 is a code injection vulnerability in phpMyFAQ that allows attackers to execute arbitrary code on affected systems. This affects all user...

Feb 12, 2023
CVE-2023-0790 7.6

CVE-2023-0790 is an uncaught exception vulnerability in phpMyFAQ that can lead to denial of service or information disclosure. Attackers can trigger u...

Feb 12, 2023
CVE-2023-0793 7.1

This CVE describes weak password requirements in phpMyFAQ versions prior to 3.1.11, allowing attackers to more easily guess or brute-force user passwo...

Feb 12, 2023
CVE-2022-4407 6.1

This CVE describes a reflected cross-site scripting (XSS) vulnerability in phpMyFAQ versions prior to 3.1.9. Attackers can inject malicious scripts vi...

Dec 11, 2022

Why Monitor Phpmyfaq Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 24+ known vulnerabilities affecting Phpmyfaq products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Phpmyfaq packages in under 60 seconds. No agents required - completely agentless scanning that works across Phpmyfaq deployments.

Free vulnerability database: Access detailed information about every Phpmyfaq CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

  • Register free account & add your servers
  • Run one-time scan or schedule automatic monitoring (every 1-24 hours)
  • Receive instant alerts when new Phpmyfaq CVEs affect your systems
  • Access dashboard with severity breakdown & fix instructions
Start Monitoring Phpmyfaq CVEs Free