Vulnerability Database
Blog
FAQ
Docs
CVE-2018-16651
See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-16651
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-16651.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-16651
Published
2018-09-07T05:29:00Z
Modified
2024-09-03T02:06:14.043199Z
Severity
7.2 (High)
CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVSS Calculator
Summary
[none]
Details
The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in reports.
References
https://www.phpmyfaq.de/security/advisory-2018-09-02
Affected packages
Git
/
github.com/thorsten/phpmyfaq
Affected ranges
Type
GIT
Repo
https://github.com/thorsten/phpmyfaq
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Fixed
89da4e3a5adb06772960c957a2f13215d9e23681
Affected versions
2.*
2.5.2
2.5.3
2.5.4
2.5.5
2.5.6
2.5.7
2.6.0
2.6.0-RC
2.6.0-alpha
2.6.0-beta
2.6.1
2.6.10
2.6.11
2.6.12
2.6.13
2.6.14
2.6.15
2.6.16
2.6.17
2.6.2
2.6.3
2.6.4
2.6.5
2.6.6
2.6.7
2.6.8
2.6.9
2.7.0
2.7.0-RC
2.7.0-alpha
2.7.0-alpha2
2.7.0-beta
2.7.0-beta2
2.7.0-beta3
2.7.1
2.7.2
2.7.3
2.7.4
2.7.5
2.7.6
2.7.7
2.7.8
2.7.9
2.8.0
2.8.0-RC
2.8.0-RC2
2.8.0-RC3
2.8.0-RC4
2.8.0-alpha
2.8.0-alpha2
2.8.0-alpha3
2.8.0-beta
2.8.0-beta2
2.8.0-beta3
2.8.1
2.8.10
2.8.11
2.8.12
2.8.13
2.8.14
2.8.15
2.8.16
2.8.17
2.8.18
2.8.19
2.8.2
2.8.20
2.8.21
2.8.22
2.8.23
2.8.24
2.8.25
2.8.26
2.8.27
2.8.28
2.8.29
2.8.3
2.8.4
2.8.5
2.8.6
2.8.7
2.8.8
2.8.9
2.9.0
2.9.0-RC
2.9.0-RC2
2.9.0-RC3
2.9.0-RC4
2.9.0-alpha
2.9.0-alpha2
2.9.0-alpha3
2.9.0-alpha4
2.9.0-beta
2.9.0-beta2
2.9.1
2.9.10
2.9.2
2.9.3
2.9.4
2.9.5
2.9.6
2.9.7
2.9.8
2.9.9
CVE-2018-16651 - OSV