5 matches found
📄 phpMyFAQ 3.2.10 Unintended File Download
phpMyFAQ version 3.2.10 suffers from an unintended file download vulnerability. Exploit Title: phpMyFAQ v3.2.10 - Unintended File Download Triggered by Embedded Frames Date: 13 Dec 2024 Exploit Author: George Chen Vendor Homepage: https://github.com/thorsten/phpMyFAQ/ Software Link:...
phpMyFAQ 3.2.10 - Unintended File Download Triggered by Embedded Frames
Exploit Title: phpMyFAQ v3.2.10 - Unintended File Download Triggered by Embedded Frames Date: 13 Dec 2024 Exploit Author: George Chen Vendor Homepage: https://github.com/thorsten/phpMyFAQ/ Software Link: https://github.com/thorsten/phpMyFAQ/ Version: v3.2.10 Tested on: Mac, Win CVE : CVE-2024–558...
CVE-2024-55889
creationtimestamp| type| source ---|---|--- 2024-12-13 13:48:29+00:00| seen| https://infosec.exchange/users/cve/statuses/113645827432960822 2024-12-13 15:46:22+00:00| seen| https://t.me/cvedetector/12871 2025-04-17 21:02:37+00:00| seen|...
CVE-2024-55889
CVE-2024-55889 affects the phpMyFAQ open source FAQ web application. The issue is in the FAQ Record component prior to version 3.2.10, where a privileged attacker can trigger a file download on a victim’s machine by embedding the target file in an iframe upon visiting a page, without user interac...
CVE-2024-55889 phpMyFAQ Vulnerable to Unintended File Download Triggered by Embedded Frames
phpMyFAQ is an open source FAQ web application. Prior to version 3.2.10, a vulnerability exists in the FAQ Record component where a privileged attacker can trigger a file download on a victim's machine upon page visit by embedding it in an element without user interaction or explicit consent...