VIR Vulnerability Intelligence Relay

Package impact

php Packagist / phpMyFAQ/phpMyFAQ

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-45008 medium 6.5 6.5 12d ago phpMyFAQ: Path traversal in Client::deleteClientFolder enables arbitrary directory deletion by non-super-admin admins php
CVE-2026-46360 medium 5.4 5.4 12d ago phpMyFAQ: SVG Sanitizer Entity Decoding Depth Limit Bypass Leading to Stored XSS php
CVE-2026-46363 medium 5.4 5.4 12d ago phpMyFAQ: Stored XSS in FAQ Question/Answer via Encode-Decode Bypass of removeAttributes() Sanitization php
CVE-2026-46365 medium 5.4 5.4 12d ago phpMyFAQ: Missing Authorization on Tag Deletion Allows Any Authenticated User to Delete Tags php
CVE-2026-45009 medium 4.3 4.3 12d ago phpMyFAQ: Ordinary Authenticated User Can Access Admin-Only API Endpoints Due to Insufficient Authorization Check php