Browse and filter security vulnerabilities across ecosystems
CVE-2026-42845
Grav Form Plugin has an Anonymous Page Content Overwrite via Form File Upload filename Override
CVE-2026-42552
Flight vulnerable to sensitive information disclosure via default error handler
CVE-2026-42551
Flight: HTTP method override enabled by default, facilitating CSRF escalation and middleware bypass
CVE-2026-42550
Flight vulnerable to SQL Injection via unvalidated identifiers in SimplePdo::insert / update / delete
CVE-2026-42549
Flight has path traversal in `make:controller` CLI that creates arbitrary directories outside project root
CVE-2026-42548
Flight has reflected XSS through an unvalidated JSONP callback in Flight::jsonp()
CVE-2026-42844
Low-privileged Grav API users can create super-admin accounts via blueprint-upload
CVE-2026-42458
Magento LTS: Reflected XSS - Import -> Data Flow (profiles)
CVE-2026-44306
Statamic CMS vulnerable to email enumeration via forgot password endpoint
phpMyFAQ has unauthenticated SQL injection via User-Agent header in BuiltinCaptcha
phpMyFAQ: Path Traversal in Client::deleteClientFolder enables arbitrary directory deletion by non-super-admin admins
phpMyFAQ has unauthenticated FAQ permission bypass via getFaqBySolutionId fallback query
phpMyFAQ has SQL Injection in CurrentUser::setTokenData through unescaped OAuth token fields
phpMyFAQ enables unauthenticated 2FA brute-force attack via /admin/check acceptance of arbitrary user-id
phpMyFAQ: Ordinary Authenticated User Can Access Admin-Only API Endpoints Due to Insufficient Authorization Check in phpMyFAQ
phpMyFAQ has stored XSS via | raw Filter in search.twig — html_entity_decode(strip_tags()) Bypass in Search Result Rendering
phpMyFAQ's Missing CONFIGURATION_EDIT Permission Check on 12 Admin API Configuration Tab Endpoints Allows Information Disclosure by Any Authenticat...
phpMyFAQ has a SVG Sanitizer Entity Decoding Depth Limit Bypass Leading to Stored XSS
phpMyFAQ has Stored XSS in FAQ Question/Answer via Encode-Decode Bypass of removeAttributes() Sanitization
phpMyFAQ's Missing Authorization on Tag Deletion Allows Any Authenticated User to Delete Tags