CVE-2014-6047

2018-08-2817:00:00

mitre

www.cve.org

5.1 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.5%

JSON

phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to read arbitrary attachments by leveraging incorrect “download an attachment” permission checks.

References

techdefencelabs.com/security-advisories.html

www.phpmyfaq.de/security/advisory-2014-09-16