4 matches found
CVE-2026-45010
phpMyFAQ before 4.1.2 contains an improper restriction of excessive authentication attempts vulnerability in the /admin/check endpoint, which accepts arbitrary user-id parameters without session binding or rate limiting. Unauthenticated attackers can brute-force any user's six-digit TOTP code by...
PT-2026-41357
Name of the Vulnerable Software and Affected Versions phpMyFAQ versions prior to 4.1.2 Description An improper restriction of excessive authentication attempts exists in the "/admin/check" endpoint. This endpoint accepts arbitrary user-id parameters without session binding or rate limiting...
phpMyFAQ enables unauthenticated 2FA brute-force attack via /admin/check acceptance of arbitrary user-id
Summary The /admin/check endpoint in AuthenticationController implements SkipsAuthenticationCheck, making it reachable without any prior authentication. An anonymous attacker Bob can POST arbitrary user-id and token values to brute-force any user's 6-digit TOTP code. No rate limiting exists. The...
GHSA-9PQ7-MFWH-XX2J phpMyFAQ enables unauthenticated 2FA brute-force attack via /admin/check acceptance of arbitrary user-id
Summary The /admin/check endpoint in AuthenticationController implements SkipsAuthenticationCheck, making it reachable without any prior authentication. An anonymous attacker Bob can POST arbitrary user-id and token values to brute-force any user's 6-digit TOTP code. No rate limiting exists. The...