Description

phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass authorization via a crafted instance ID parameter.

Remediation

References

CVE-2014-6049

Related Vulnerabilities

MySQL CVE-2021-2212 Vulnerability (CVE-2021-2212)

WordPress Plugin SFBrowser 'sfbrowser.php' Arbitrary File Upload (1.4.5)

WordPress Plugin Login or Logout Menu Item Security Bypass (1.1.1)

Squid Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2021-28652)

WebLogic CVE-2019-2648 Vulnerability (CVE-2019-2648)

Severity

Low

Classification

CVE-2014-6049 CWE-285 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities