CVE-2014-6049
CVE-2014-6049 affects phpMyFAQ prior to version 2.8.13, where remote authenticated users with admin privileges can bypass authorization by manipulating a crafted instance ID parameter. The root cause involves improper handling of the instance ID, enabling privilege escalation: an admin user could...