9 matches found
phpMyFAQ 4.0.16 - Improper Authorization
Exploit Title: phpMyFAQ = 4.0.16 - Improper Authorization Google Dork: N/A Date: 2026-01-23 Exploit Author: GUIA BRAHIM FOUAD Vendor Homepage: https://www.phpmyfaq.de/ Software Link: https://www.phpmyfaq.de/download/ Version: = 4.0.16 REQUIRED Tested on: Ubuntu 22.04, Apache 2.4.52, PHP 8.2.x,...
CVE-2026-24421
phpMyFAQ is an open source FAQ web application. Versions 4.0.16 and below have flawed authorization logic which exposes the /api/setup/backup endpoint to any authenticated user despite their permissions. SetupController.php uses userIsAuthenticated but does not verify that the requester has...
CVE-2026-24421
phpMyFAQ is an open source FAQ web application. Versions 4.0.16 and below have flawed authorization logic which exposes the /api/setup/backup endpoint to any authenticated user despite their permissions. SetupController.php uses userIsAuthenticated but does not verify that the requester has...
CVE-2026-24421 phpMyFAQ missing authorization exposes /api/setup/backup to any authenticated user
phpMyFAQ is an open source FAQ web application. Versions 4.0.16 and below have flawed authorization logic which exposes the /api/setup/backup endpoint to any authenticated user despite their permissions. SetupController.php uses userIsAuthenticated but does not verify that the requester has...
CVE-2026-24421 phpMyFAQ missing authorization exposes /api/setup/backup to any authenticated user
phpMyFAQ is an open source FAQ web application. Versions 4.0.16 and below have flawed authorization logic which exposes the /api/setup/backup endpoint to any authenticated user despite their permissions. SetupController.php uses userIsAuthenticated but does not verify that the requester has...
CVE-2026-24421
Summary: CVE-2026-24421 affects phpMyFAQ before 4.0.17. Versions 4.0.16 and earlier have flawed authorization logic that exposes the /api/setup/backup endpoint to any authenticated user. The code uses userIsAuthenticated() without verifying configuration/admin permissions, allowing non-admin user...
GHSA-WM8H-26FV-MG7G phpMyFAQ: /api/setup/backup accessible to any authenticated user (authz missing)
Summary Authenticated non‑admin users can call /api/setup/backup and trigger a configuration backup. The endpoint only checks authentication, not authorization, and returns a link to the generated ZIP. Details SetupController.php uses userIsAuthenticated but does not verify that the requester has...
EUVD-2025-205600
phpMyFAQ has unauthenticated config backup download via /api/setup/backup...
CVE-2025-69200
phpMyFAQ is an open source FAQ web application. In versions prior to 4.0.16, an unauthenticated remote attacker can trigger generation of a configuration backup ZIP via POST /api/setup/backup and then download the generated ZIP from a web-accessible location. The ZIP contains sensitive...