Lucene search
Veracode Vulnerability DatabaseVERACODE:40234HistoryApr 20, 2023 - 4:16 p.m.
Improper Access Control
2023-04-2016:16:42
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
phpmyfaq
vulnerability
access control
0.001 Low
EPSS
Percentile
36.2%
phpmyfaq is vulnerable to Improper Access Control. Improper checks in commentDisabled function of Faq.php allows a remote authenticated attacker to comment in inactive FAQ NEWS even when the comment section is disabled, resulting in broken access control.
| CPE | Name | Operator | Version |
|---|---|---|---|
| thorsten/phpmyfaq | le | 3.1.11 | |
| phpmyfaq/phpmyfaq | le | 3.1.11 | |
| thorsten/phpmyfaq | le | 3.1.11 | |
| phpmyfaq/phpmyfaq | le | 3.1.11 |
Related
cve
cve
CVE-2023-1883
2023-04-05 17:15:07
nvd
nvd
CVE-2023-1883
2023-04-05 17:15:07
huntr
huntr
Broken access control - Someone still can comment in unactive FAQ NEWS
2023-02-13 04:47:33
prion
prion
Improper access control
2023-04-05 17:15:00
osv
osv
thorsten/phpmyfaq vulnerable to improper access control
2023-04-05 18:30:18
CVE-2023-1883
2023-04-05 17:15:07
cvelist
cvelist
CVE-2023-1883 Improper Access Control in thorsten/phpmyfaq
2023-04-05 00:00:00
github
github
thorsten/phpmyfaq vulnerable to improper access control
2023-04-05 18:30:18
openvas
openvas
phpMyFAQ < 3.1.12 Multiple Vulnerabilities
2023-04-04 00:00:00