phpMyFAQ 4.0.16 - Improper Authorization

Exploit Title: phpMyFAQ = 4.0.16 - Improper Authorization Google Dork: N/A Date: 2026-01-23 Exploit Author: GUIA BRAHIM FOUAD Vendor Homepage: https://www.phpmyfaq.de/ Software Link: https://www.phpmyfaq.de/download/ Version: = 4.0.16 REQUIRED Tested on: Ubuntu 22.04, Apache 2.4.52, PHP 8.2.x,...

CVE-2026-24421

creationtimestamp| type| source ---|---|--- 2026-01-23 19:02:39+00:00| published-proof-of-concept| https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-wm8h-26fv-mg7g 2026-01-24 03:21:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3md5b5cty2v23 2026-01-24 21:22:20+00:00|...

CVE-2021-24421

The WP JobSearch WordPress plugin before 1.7.4 did not sanitise or escape multiple of its parameters from the my-resume page before outputting them in the page, allowing low privilege users to use JavaScript payloads in them and leading to a Stored Cross-Site Scripting issue...

CVE-2025-24421

Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to read select data. Exploitation of this...

CVE-2025-24421 Adobe Commerce | Incorrect Authorization (CWE-863)

Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to read select data. Exploitation of this...

CVE-2024-24421

A type confusion in the nasmessagedecode function of Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows attackers to execute arbitrary code or cause a Denial of Service DoS via a crafted NAS packet...

CVE-2024-24421

A type confusion in the nasmessagedecode function of Magma = 1.8.0 fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486 allows attackers to execute arbitrary code or cause a Denial of Service DoS via a crafted NAS packet...

CVE-2024-24421

CVE-2024-24421 describes a type confusion in Magma’s nas_message_decode function that affects Magma

Adobe InDesign 15.0.0 < 16.0.0 Denial-of-service (APSB20-66) (macOS)

The version of Adobe InDesign installed on the remote macOS host is prior to 16.0.0. It is, therefore, affected by a vulnerability as referenced in the APSB20-66 advisory. - Adobe InDesign version 15.1.2 and earlier is affected by a NULL pointer dereference bug that occurs when handling a malform...

CVE-2023-24421

creationtimestamp| type| source ---|---|--- 2023-07-11 12:45:44+00:00| seen| https://t.me/cibsecurity/66341...

CVE-2023-24421

Cross-Site Request Forgery CSRF vulnerability in WP Engine PHP Compatibility Checker plugin = 1.5.2 versions...

CVE-2023-24421

CVE-2023-24421 refers to a Cross-Site Request Forgery (CSRF) vulnerability in the WP Engine PHP Compatibility Checker plugin, affected versions

CVE-2023-1271

Rejected reason: Duplicate. Please use CVE-2023-24421...

Open redirect

Rejected reason: Duplicate. Please use CVE-2023-24421...

PT-2023-16852 · Undefined · Undefined

‼ CVE-2023-1271 ‼ REJECT Duplicate. Please use CVE-2023-24421. 📖 Read via "National Vulnerability Database"...

WordPress PHP Compatibility Checker Plugin <= 1.5.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software PHP Compatibility Checker Type Plugin Vulnerable versions = 1.5.2 Fixed in 1.6.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-24421 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 89ba6e7a3219 Credits Mika...

CVE-2022-24421

creationtimestamp| type| source ---|---|--- 2022-03-12 00:15:06+00:00| seen| https://t.me/cibsecurity/38833 2022-03-23 10:17:52+00:00| seen| https://t.me/truesecator/2762 2022-03-23 13:53:34+00:00| seen| https://t.me/SecLabNews/11819 2022-03-24 10:36:03+00:00| seen| https://t.me/sysodmins/14390...

CVE-2022-24421

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM...

CVE-2022-24421

Dell BIOS contains an improper input validation vulnerability that allows a local authenticated attacker to trigger arbitrary code execution in System Management Mode (SMM) via an SMI. Affected Dell products include Inspiron, Vostro, XPS, Alienware, and Edge Gateway 3000 Series. The root cause is...

CVE-2021-24421

creationtimestamp| type| source ---|---|--- 2021-07-13 00:18:15+00:00| seen| https://t.me/cibsecurity/26081...