Description
phpMyFAQ before 2.8.13 allows remote attackers to read arbitrary attachments via a direct request.
Remediation
References
Related Vulnerabilities
Apache HTTP Server Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2019-0220)
Oracle HTTP Server CVE-2016-0671 Vulnerability (CVE-2016-0671)
WordPress Plugin Events Manager Extended Multiple HTML Injection Vulnerabilities (3.1.2)
Joomla! Core Multiple Vulnerabilities (1.5.0 - 3.7.2)
WordPress Plugin Newsletter Subscription Form Possible Remote Code Execution (1.1.2)