Description
phpMyFAQ 1.4.0 allows remote attackers to access the Image Manager to upload or delete images without authorization via a direct request.
Remediation
References
Related Vulnerabilities
WordPress Plugin Easy Contact Form Solution Cross-Site Scripting (1.6)
Perl Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-1238)
XOOPS Other Vulnerability (CVE-2005-0743)
Microsoft SQL Server Elevation of Privilege Vulnerability (CVE-2021-1636)
WordPress Plugin UpdraftPlus WordPress Backup Privilege Escalation (1.23.2)