Vulnerability Database
Blog
FAQ
Docs
GHSA-6cpg-gqgq-2rrr
Suggest an improvement
Source
https://github.com/advisories/GHSA-6cpg-gqgq-2rrr
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/03/GHSA-6cpg-gqgq-2rrr/GHSA-6cpg-gqgq-2rrr.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-6cpg-gqgq-2rrr
Aliases
CVE-2023-1761
Published
2023-03-31T03:30:30Z
Modified
2023-11-08T04:11:19.630188Z
Severity
5.4 (Medium)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVSS Calculator
Summary
phpMyFAQ Code Injection vulnerability
Details
Code Injection in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1761
https://github.com/thorsten/phpmyfaq/commit/128ef85f8e3ab7869d3107aa4d0b6867b53391d7
https://github.com/thorsten/phpmyfaq
https://huntr.dev/bounties/24c0a65f-0751-4ff8-af63-4b325ac8879f
Affected packages
Packagist
/
thorsten/phpmyfaq
Package
Name
thorsten/phpmyfaq
Purl
pkg:composer/thorsten/phpmyfaq
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
3.1.12
Affected versions
2.*
2.8.0-alpha2
2.8.0-alpha3
2.8.0-beta
2.8.0-beta2
2.8.0-beta3
2.8.0-RC
2.8.0-RC2
2.8.0-RC3
2.8.0-RC4
2.8.0
2.8.1
2.8.2
2.8.3
2.8.4
2.8.5
2.8.6
2.8.7
2.8.8
2.8.9
2.8.10
2.8.11
2.8.12
2.8.13
2.8.14
2.8.15
2.8.16
2.8.17
2.8.18
2.8.19
2.8.20
2.8.21
2.8.22
2.8.23
2.8.24
2.8.25
2.8.26
2.8.27
2.8.28
2.8.29
2.9.0-alpha
2.9.0-alpha2
2.9.0-alpha3
2.9.0-alpha4
2.9.0-beta
2.9.0-beta2
2.9.0-rc
2.9.0-rc2
2.9.0-rc3
2.9.0-rc4
2.9.0
2.9.1
2.9.2
2.9.3
2.9.4
2.9.5
2.9.6
2.9.7
2.9.8
2.9.9
2.9.10
2.9.11
2.9.12
2.9.13
2.10.0-alpha
3.*
3.0.0-alpha
3.0.0-alpha.2
3.0.0-alpha.3
3.0.0-alpha.4
3.0.0-beta
3.0.0-beta.2
3.0.0-beta.3
3.0.0-RC
3.0.0-RC.2
3.0.0
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.6
3.0.7
3.0.8
3.0.9
3.0.10
3.0.11
3.0.12
3.1.0-alpha
3.1.0-alpha.2
3.1.0-alpha.3
3.1.0-beta
3.1.0-RC
3.1.0
3.1.1
3.1.2
3.1.3
3.1.4
3.1.5
3.1.6
3.1.7
3.1.8
3.1.9
3.1.10
3.1.11
GHSA-6cpg-gqgq-2rrr - OSV