Lucene search
K

5 matches found

Packet Storm
Packet Storm
added 2025/04/16 12:0 a.m.277 views

📄 phpMyFAQ 3.2.10 Unintended File Download

phpMyFAQ version 3.2.10 suffers from an unintended file download vulnerability. Exploit Title: phpMyFAQ v3.2.10 - Unintended File Download Triggered by Embedded Frames Date: 13 Dec 2024 Exploit Author: George Chen Vendor Homepage: https://github.com/thorsten/phpMyFAQ/ Software Link:...

7.2CVSS6.7AI score0.02163EPSS
Exploits3
Exploit DB
Exploit DB
added 2025/04/16 12:0 a.m.193 views

phpMyFAQ 3.2.10 - Unintended File Download Triggered by Embedded Frames

Exploit Title: phpMyFAQ v3.2.10 - Unintended File Download Triggered by Embedded Frames Date: 13 Dec 2024 Exploit Author: George Chen Vendor Homepage: https://github.com/thorsten/phpMyFAQ/ Software Link: https://github.com/thorsten/phpMyFAQ/ Version: v3.2.10 Tested on: Mac, Win CVE : CVE-2024–558...

7.2CVSS7.4AI score0.02163EPSS
Exploits3
Circl
Circl
added 2024/12/13 1:48 p.m.39 views

CVE-2024-55889

creationtimestamp| type| source ---|---|--- 2024-12-13 13:48:29+00:00| seen| https://infosec.exchange/users/cve/statuses/113645827432960822 2024-12-13 15:46:22+00:00| seen| https://t.me/cvedetector/12871 2025-04-17 21:02:37+00:00| seen|...

7.2CVSS4.8AI score0.02163EPSS
Exploits3References3
CVE
CVE
added 2024/12/13 1:44 p.m.55 views

CVE-2024-55889

CVE-2024-55889 affects the phpMyFAQ open source FAQ web application. The issue is in the FAQ Record component prior to version 3.2.10, where a privileged attacker can trigger a file download on a victim’s machine by embedding the target file in an iframe upon visiting a page, without user interac...

7.2CVSS5AI score0.02163EPSS
Exploits3References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/12/13 1:44 p.m.7 views

CVE-2024-55889 phpMyFAQ Vulnerable to Unintended File Download Triggered by Embedded Frames

phpMyFAQ is an open source FAQ web application. Prior to version 3.2.10, a vulnerability exists in the FAQ Record component where a privileged attacker can trigger a file download on a victim's machine upon page visit by embedding it in an element without user interaction or explicit consent...

4.9CVSS6.9AI score0.02163EPSS
Exploits3References2
Rows per page
Query Builder