Security

We seriously take care about any security issues found in phpMyFAQ or bundled components. If you’ve discovered a security vulnerability in phpMyFAQ, we appreciate your help in disclosing it to us in a responsible manner.

Publicly disclosing a vulnerability can put the entire community at risk. If you’ve discovered a security concern, please email us at security@phpmyfaq.de. We’ll work with you to make sure that we understand the scope of the issue, and that we fully address your concern. We consider correspondence sent to security@phpmyfaq.de our highest priority, and work to address any issues that arise as quickly as possible.

Please act in good faith towards our users’ privacy and data during your disclosure. We won’t take legal action against you or administrative action against your account if you act accordingly: White hat researchers are always appreciated.

Here you can find our advisories:

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

We want to say a big thank you to Stefan Esser from SektionEins GmbH and Christopher Kunz from the Hardened PHP team and to Johann-Peter Hartmann from Mayflower GmbH and Johannes Schlüter from the PHP Development team for auditing phpMyFAQ.

For further information and in case of questions, please contact the phpMyFAQ Team.