Description
phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. There is a Path Traversal vulnerability in Attachments that allows attackers with admin rights to upload malicious files to other locations of the web root. This vulnerability is fixed in 3.2.6.
Remediation
References
Related Vulnerabilities
MediaWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-19709)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4522)
WordPress Plugin PowerPress Podcasting by Blubrry Unspecified Vulnerability (8.6.1)
WordPress Plugin Themify Portfolio Post Cross-Site Scripting (1.2.1)
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-46158)