PT-2004-3152 · Phpmyfaq · Phpmyfaq

Name of the Vulnerable Software and Affected Versions: phpMyFAQ version 1.4.0 Description: The issue allows remote attackers to access the Image Manager without authorization, enabling them to upload or delete images via a direct request. Recommendations: For phpMyFAQ version 1.4.0, consider...

phpMyFAQ index.php action Parameter Local File Inclusion

The version of phpMyFAQ on the remote host contains a flaw that may lead to an unauthorized information disclosure. The problem is that user input passed to the 'action' parameter is not properly verified before being used to include files, which could allow a remote attacker to view any accessib...

phpMyFAQ Image Upload Authentication Bypass

The version of phpMyFAQ on the remote host contains a flaw that could allow an attacker without authorization to upload and delete arbitrary images on the remote host. An attacker may exploit this problem to deface the remote website. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

Advisory 05/2004: phpMyFAQ local file inclusion vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 e-matters GmbH www.e-matters.de -= Security Advisory =- Advisory: phpMyFAQ local file inclusion vulnerability Release Date: 2004/05/18 Last Modified: 2004/05/18 Author: Stefan Esser [email protected] Application: phpMyFAQ stable release = 1.3.12...