Security Advisories

We seriously take care about any security issues found in phpMyFAQ or bundled components. If you’ve discovered a security vulnerability in phpMyFAQ, we appreciate your help in disclosing it to us in a responsible manner.

Publicly disclosing a vulnerability can put the entire community at risk. If you’ve discovered a security concern, please email us at security@phpmyfaq.de. We’ll work with you to make sure that we understand the scope of the issue, and that we fully address your concern. We consider correspondence sent to security@phpmyfaq.de our highest priority, and work to address any issues that arise as quickly as possible.

Please act in good faith towards our users’ privacy and data during your disclosure. We won’t take legal action against you or administrative action against your account if you act accordingly: White hat researchers are always appreciated.

Here you can find our advisories:

2024

• Security Advisory 2024-03-25
• Security Advisory 2024-02-05

2023

• Security Advisory 2023-10-27
• Security Advisory 2023-09-21
• Security Advisory 2023-08-27
• Security Advisory 2023-07-16
• Security Advisory 2023-05-17
• Security Advisory 2023-04-23
• Security Advisory 2023-03-20
• Security Advisory 2023-02-12
• Security Advisory 2023-01-15

2022

• Security Advisory 2022-12-11
• Security Advisory 2022-10-24
• Security Advisory 2022-10-02
• Security Advisory 2022-07-23
• Security Advisory 2022-01-17

2021

• Security Advisory 2021-10-22

2020

• Security Advisory 2020-12-23

2018

• Security Advisory 2018-09-02

2017

• Security Advisory 2017-10-19
• Security Advisory 2017-07-12
• Security Advisory 2017-04-02
• Security Advisory 2017-01-27

2016

• Security Advisory 2016-04-11

2014

• Security Advisory 2014-11-30
• Security Advisory 2014-09-16
• Security Advisory 2014-02-04

2013

• Security Advisory 2013-11-26
• Security Advisory 2013-11-18

2012

• Security Advisory 2012-04-14

2011

• Security Advisory 2011-10-25
• Security Advisory 2011-09-28

2010

• Security Advisory 2010-12-15
• Security Advisory 2010-09-28

2009

• Security Advisory 2009-12-01
• Security Advisory 2009-09-01
• Security Advisory 2009-06-02

2008

• Security Advisory 2008-09-11

2007

• Security Advisory 2007-02-18

2006

• Security Advisory 2006-12-15
• Security Advisory 2006-04-21

2005

• Security Advisory 2005-11-18
• Security Advisory 2005-09-23
• Security Advisory 2005-08-15
• Security Advisory 2005-06-29
• Security Advisory 2005-03-06

2004

• Security Advisory 2004-07-27
• Security Advisory 2004-05-18

We want to say a big thank you to Stefan Esser from SektionEins GmbH and Christopher Kunz, Johann-Peter Hartmann from Mayflower GmbH and Johannes Schlüter for auditing phpMyFAQ in the past.

For further information and in case of questions, please contact the phpMyFAQ Team.