Description
phpMyFAQ 1.4.0 allows remote attackers to access the Image Manager to upload or delete images without authorization via a direct request.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Local File Inclusion (2.11.1)
MySQL CVE-2018-3156 Vulnerability (CVE-2018-3156)
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1611)
WordPress Plugin Gallery PhotoBlocks Unspecified Vulnerability (1.1.32)
WordPress Plugin Stream Video Player Cross-Site Request Forgery (1.4.0)