Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Github Security Blog
Github Security Blogadded 2026/05/15 9:31 p.m.6 views

Duplicate Advisory: phpMyFAQ: Missing Authorization on Tag Deletion Allows Any Authenticated User to Delete Tags

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7cx3-2qx2-3g6w. This link is maintained to preserve external references. Original Description phpMyFAQ before 4.1.2 contains a missing authorization vulnerability in the DELETE /admin/api/content/tags/tagId...

5.4CVSS5.5AI score0.0004EPSS
Exploits0References4Affected Software2
NVD
NVDadded 2026/05/15 7:17 p.m.9 views

CVE-2026-46365

phpMyFAQ before 4.1.2 contains a missing authorization vulnerability in the DELETE /admin/api/content/tags/tagId endpoint that allows any authenticated user to delete tags. Any logged-in user, including regular frontend users, can delete arbitrary tags by sending a DELETE request with a valid...

5.4CVSS0.0004EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/15 6:36 p.m.6 views

EUVD-2026-30600

phpMyFAQ before 4.1.2 contains a missing authorization vulnerability in the DELETE /admin/api/content/tags/tagId endpoint that allows any authenticated user to delete tags. Any logged-in user, including regular frontend users, can delete arbitrary tags by sending a DELETE request with a valid...

5.4CVSS5.9AI score0.0004EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/15 6:36 p.m.4 views

CVE-2026-46365

phpMyFAQ before 4.1.2 contains a missing authorization vulnerability in the DELETE /admin/api/content/tags/tagId endpoint that allows any authenticated user to delete tags. Any logged-in user, including regular frontend users, can delete arbitrary tags by sending a DELETE request with a valid...

5.4CVSS5.9AI score0.0004EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/05/15 12:0 a.m.10 views

PT-2026-41367

phpMyFAQ before 4.1.2 contains a missing authorization vulnerability in the DELETE /admin/api/content/tags/tagId endpoint that allows any authenticated user to delete tags. Any logged-in user, including regular frontend users, can delete arbitrary tags by sending a DELETE request with a valid...

5.4CVSS5.9AI score0.0004EPSS
Exploits0References3
OSV
OSVadded 2023/07/26 2:15 p.m.3 views

CVE-2023-39156

A cross-site request forgery CSRF vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags...

5.3CVSS5.7AI score
Exploits0References2
Hacker One
Hacker Oneadded 2019/07/10 4:32 a.m.13 views

New Relic: Restricted user can add and delete tags of APM key transactions

Description Within APM after you setup a connection, there is the ability for you to mark a "key transaction" which will then populate data on the Key Transactions page in APM. On this page, there is the ability for an admin to hover over the tag icon and add a tag to the name of the key...

0.5AI score
Exploits0
Rows per page
Query Builder