Description
phpMyFAQ is an open source FAQ web application. Versions 4.0.16 and below allow an authenticated user without the dlattachment permission to download FAQ attachments due to an incomplete permissions check. In attachment.php, the mere presence of a right key is treated as proof of authorization instead of the right's value being validated. Additionally, the group and user permission logic contains a flawed conditional expression that may allow unauthorized access. This issue has been fixed in version
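The first flaw described above, key presence accepted as authorization, shown as an added illustration; this is not phpMyFAQ's code, and the rights-array layout, the user names and all function names are assumptions made for the example. It pairs the weak check with a deny-by-default check and a negative authorization test that reports where the two disagree.

```php
<?php
declare(strict_types=1);

// Constructed sample data (hypothetical layout): each known right is a key,
// and the boolean value says whether the user actually holds that right.
$users = [
    'editor'  => ['dlattachment' => true,  'addattachment' => true],
    'reader'  => ['dlattachment' => false, 'addattachment' => false],
    'partial' => ['addattachment' => true], // right key absent entirely
];

// Weak pattern: the existence of the key is taken as the grant.
// isset() is true for a key whose value is false, so a denied right passes.
function canDownloadWeak(array $rights): bool
{
    return isset($rights['dlattachment']);
}

// Hardened pattern: deny by default, grant only on an explicit boolean true.
function canDownloadStrict(array $rights): bool
{
    return ($rights['dlattachment'] ?? false) === true;
}

// Negative authorization test: names of users the weak check lets through
// although the strict check denies them.
function findOverGrants(array $users): array
{
    $overGranted = [];
    foreach ($users as $name => $rights) {
        if (canDownloadWeak($rights) && !canDownloadStrict($rights)) {
            $overGranted[] = $name;
        }
    }
    return $overGranted;
}

foreach ($users as $name => $rights) {
    printf(
        "%-8s weak=%s strict=%s\n",
        $name,
        var_export(canDownloadWeak($rights), true),
        var_export(canDownloadStrict($rights), true)
    );
}
echo 'Over-granted by the weak check: ', implode(', ', findOverGrants($users)), "\n";
```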
Remediation
References