Thorsten Rinne

100 exploits. Active since Apr 2017
CVE-2026-48488 (LOW)
phpMyFAQ has Weak Cryptography - SHA1 for Password Hashing
phpMyFAQ is an open source FAQ web application. Prior to version 4.1.4, attachment passwords are hashed using SHA-1, a cryptographically broken algorithm. SHA-1 has been vulnerable to collision attacks since 2017 (SHAttered). Version 4.1.4 fixes the issue.
CVE-2026-46364 (CRITICAL)
phpMyFAQ - SQL Injection via User-Agent Header in BuiltinCaptcha
phpMyFAQ before 4.1.2 contains an unauthenticated SQL injection vulnerability in BuiltinCaptcha::garbageCollector() and BuiltinCaptcha::saveCaptcha() methods that interpolate unsanitized User-Agent headers into DELETE and INSERT queries. Unauthenticated attackers can exploit the public GET /api/captcha endpoint by crafting malicious User-Agent headers to perform time-based blind SQL injection, extracting sensitive data including user credentials, admin tokens, and SMTP credentials from the database.
CVSS 9.8
CVE-2017-14619 (MEDIUM)
phpmyfaq <= 2.9.8 - Stored Cross-Site Scripting via FAQ Title Field
Cross-site scripting (XSS) vulnerability in phpMyFAQ through 2.9.8 allows remote attackers to inject arbitrary web script or HTML via the "Title of your FAQ" field in the Configuration Module.
CVSS 6.1
CVE-2017-15727 (MEDIUM)
phpmyfaq < 2.9.8 - Stored Cross-Site Scripting via HTML Attachment
In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment.
CVSS 5.4
CVE-2017-15730 (HIGH)
phpmyfaq < 2.9.8 - Cross-Site Request Forgery in admin/stat.ratings.php
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.
CVSS 8.8
CVE-2017-15734 (HIGH)
phpmyfaq < 2.9.8 - Cross-Site Request Forgery in admin/stat.main.php
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
CVSS 8.8
CVE-2017-15735 (HIGH)
phpmyfaq < 2.9.8 - Cross-Site Request Forgery for Glossary Modification
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.
CVSS 8.8
CVE-2017-15808 (HIGH)
phpmyfaq < 2.9.8 - Cross-Site Request Forgery in admin/ajax.config.php
In phpMyFAQ before 2.9.9, there is CSRF in admin/ajax.config.php.
CVSS 8.8
CVE-2022-3766 (MEDIUM)
phpmyfaq < 3.1.8 - Reflected Cross-Site Scripting
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVSS 6.1
CVE-2022-4407 (MEDIUM)
phpmyfaq < 3.1.9 - Reflected Cross-Site Scripting
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.9.
CVSS 6.1
CVE-2024-27300 (MEDIUM)
phpMyFAQ >=3.2.5 <3.2.6 - Stored Cross-Site Scripting via Email Field
phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The `email` field in phpMyFAQ's user control panel page is vulnerable to stored XSS attacks due to the inadequacy of PHP's `FILTER_VALIDATE_EMAIL` function, which only validates the email format, not its content. This vulnerability enables an attacker to execute arbitrary client-side JavaScript within the context of another user's phpMyFAQ session. This vulnerability is fixed in 3.2.6.
CVSS 5.5
CVE-2024-55889 (MEDIUM)
phpMyFAQ < 3.2.10 - Unauthenticated File Download via FAQ Record Iframe Embed
phpMyFAQ is an open source FAQ web application. Prior to version 3.2.10, a vulnerability exists in the FAQ Record component where a privileged attacker can trigger a file download on a victim's machine upon page visit by embedding it in an <iframe> element without user interaction or explicit consent. Version 3.2.10 fixes the issue.
CVSS 4.9
CVE-2026-27836 (HIGH)
phpmyfaq < 4.0.18 - Unauthenticated Account Creation via WebAuthn Prepare Endpoint
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint (`/api/webauthn/prepare`) creates new active user accounts without any authentication, CSRF protection, captcha, or configuration checks. This allows unauthenticated attackers to create unlimited user accounts even when registration is disabled. Version 4.0.18 fixes the issue.
CVSS 7.5
CVE-2017-15728 (MEDIUM)
phpmyfaq < 2.9.8 - Stored Cross-Site Scripting via metaDescription or metaKeywords
In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via metaDescription or metaKeywords.
CVSS 4.8
CVE-2017-15729 (HIGH)
phpmyfaq < 2.9.8 - Cross-Site Request Forgery for Glossary Addition
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.
CVSS 8.8
CVE-2017-15731 (HIGH)
phpmyfaq < 2.9.8 - Cross-Site Request Forgery in admin/stat.adminlog.php
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php.
CVSS 8.8
CVE-2017-15732 (HIGH)
phpMyFAQ < 2.9.8 - Cross-Site Request Forgery in admin/news.php
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
CVSS 8.8
CVE-2017-15733 (HIGH)
phpmyfaq < 2.9.8 - Cross-Site Request Forgery in Admin Attachment Handling
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/ajax.attachment.php and admin/att.main.php.
CVSS 8.8
CVE-2017-15809 (MEDIUM)
phpmyfaq < 2.9.8 - Stored Cross-Site Scripting via Admin Tags
In phpMyFAQ before 2.9.9, there is XSS in admin/tags.main.php via a crafted tag.
CVSS 6.1
CVE-2017-7579 (MEDIUM)
phpmyfaq < 2.9.6 - Cross-Site Scripting in Question Field
inc/PMF/Faq.php in phpMyFAQ before 2.9.7 has XSS in the question field.
CVSS 6.1
CVE-2022-3608 (HIGH)
phpmyfaq < 3.2.0-alpha - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.0-alpha.
CVSS 8.4
CVE-2022-3754 (CRITICAL)
thorsten/phpmyfaq <3.1.8 - Info Disclosure
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVSS 9.8
CVE-2022-3765 (MEDIUM)
phpmyfaq < 3.1.8 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.8.
CVSS 5.4
CVE-2022-4408 (MEDIUM)
phpmyfaq < 3.1.9 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.9.
CVSS 5.4
CVE-2022-4409 (HIGH)
thorsten/phpmyfaq <3.1.9 - Info Disclosure
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.1.9.
CVSS 7.5