Description
Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register_globals is enabled, allows remote attackers to "gain the privilege for uploading files on the server."
Remediation
References
Related Vulnerabilities
WordPress Plugin Booking calendar, Appointment Booking System Multiple Vulnerabilities (2.1.7)
WordPress Plugin SendPress Newsletters Security Bypass (1.2.10.20)
Liferay DXP Improper Validation of Specified Quantity in Input Vulnerability (CVE-2025-43793)
axios Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-58754)