Lucene search
Veracode Vulnerability DatabaseVERACODE:40238HistoryApr 20, 2023 - 5:16 p.m.
Authentication Bypass
2023-04-2017:16:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
vulnerability
captcha
bypass
authentication
phpmyfaq
faulty logic
0.002 Low
EPSS
Percentile
54.8%
phpmyfaq is vulnerable to Authentication Bypass. The vulnerability is due to a Captcha bypass which allows an attacker to send unlimited comments due to the faulty logic in the checkCaptchaCode function in fileCaptcha.php, resulting in authentication bypass.
| CPE | Name | Operator | Version |
|---|---|---|---|
| thorsten/phpmyfaq | le | 3.1.11 | |
| phpmyfaq/phpmyfaq | le | 3.1.11 | |
| thorsten/phpmyfaq | le | 3.1.11 | |
| phpmyfaq/phpmyfaq | le | 3.1.11 |
Related
osv
osv
thorsten/phpmyfaq vulnerable to authentication bypass
2023-04-05 18:30:18
CVE-2023-1886
2023-04-05 17:15:07
cvelist
cvelist
CVE-2023-1886 Authentication Bypass by Capture-replay in thorsten/phpmyfaq
2023-04-05 00:00:00
github
github
thorsten/phpmyfaq vulnerable to authentication bypass
2023-04-05 18:30:18
cve
cve
CVE-2023-1886
2023-04-05 17:15:07
nvd
nvd
CVE-2023-1886
2023-04-05 17:15:07
prion
prion
Authentication flaw
2023-04-05 17:15:00
huntr
huntr
Captcha Bypass allows sending unlimited Comments
2023-02-14 21:58:34
openvas
openvas
phpMyFAQ < 3.1.12 Multiple Vulnerabilities
2023-04-04 00:00:00