security/vuxml: Record phpmyfaq vulenrabilities

author: Florian Smeets <flo@FreeBSD.org> 2026-01-10 12:43:04 +0000
committer: Florian Smeets <flo@FreeBSD.org> 2026-01-10 12:58:28 +0000
commit: 6bdff9a739bb8f8662701c9280e2006e0d41036e (patch)
tree: ddbcdf9b8e024339a152fdcfa4b0b86d4e09027e
parent: 018b8a3a916d0ab5e145339548b9764d2b6952c4 (diff)
1 files changed, 29 insertions, 0 deletions
diff --git a/security/vuxml/vuln/2026.xml b/security/vuxml/vuln/2026.xml
index 4c2fa0230a0b..2ed681d7420c 100644
--- a/security/vuxml/vuln/2026.xml
+++ b/security/vuxml/vuln/2026.xml
@@ -1,3 +1,32 @@
+  <vuln vid="79c3c751-ee20-11f0-b17e-50ebf6bdf8e9">
+    <topic>phpmyfaq -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>phpmyfaq-php82</name>
+	<name>phpmyfaq-php83</name>
+	<name>phpmyfaq-php84</name>
+	<name>phpmyfaq-php85</name>
+	<range><lt>4.0.16</lt></range>
+      </package>
+    </affects>
+    <description>
+	<body xmlns="http://www.w3.org/1999/xhtml">
+	<p>phpMyFAQ team reports:</p>
+	<blockquote cite="https://www.phpmyfaq.de/security/advisory-2025-12-29/">
+	  <p>Stored cross-site scripting (XSS) and unauthenticated config backup
+	    download vulnerability</p>
+	</blockquote>
+	</body>
+    </description>
+    <references>
+      <url>https://www.phpmyfaq.de/security/advisory-2025-12-29/</url>
+    </references>
+    <dates>
+      <discovery>2025-12-29</discovery>
+      <entry>2026-01-10</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="8826fb1c-ebd8-11f0-a15a-a8a1599412c6">
     <topic>chromium -- multiple security fixes</topic>
     <affects>
author	Florian Smeets <flo@FreeBSD.org>	2026-01-10 12:43:04 +0000
committer	Florian Smeets <flo@FreeBSD.org>	2026-01-10 12:58:28 +0000
commit	6bdff9a739bb8f8662701c9280e2006e0d41036e (patch)
tree	ddbcdf9b8e024339a152fdcfa4b0b86d4e09027e
parent	018b8a3a916d0ab5e145339548b9764d2b6952c4 (diff)