2 matches found
CVE-2026-45009 phpMyFAQ - Insufficient Authorization Check in Admin API Endpoints
phpMyFAQ before 4.1.2 contains an insufficient authorization vulnerability in admin-api routes that allows authenticated ordinary users to access administrative endpoints by only checking login status instead of verifying backend privileges. Attackers with valid frontend user accounts can access...
CVE-2026-45009
creationtimestamp| type| source ---|---|--- 2026-05-06 20:37:42+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-jrc5-w569-h7h5...