EPSS
Percentile
60.9%
thorsten/phpmyfaq is vulnerable to Improper Access Control. The vulnerability exists due to the lack of validation of email addresses in ajaxservice.php which allows an attacker to take over another account.
ajaxservice.php
github.com/advisories/GHSA-r69v-q48g-3966
github.com/thorsten/phpmyfaq/commit/07552f5577ff8b1e6f7cdefafcce9b2a744d3a24
huntr.dev/bounties/20d3a0b3-2693-4bf1-b196-10741201a540
huntr.dev/bounties/20d3a0b3-2693-4bf1-b196-10741201a540/