VULHUB ™

It is reported that phpMyFAQ contains an authentication bypass vulnerability in its image manager. This vulnerability can be exploited by remote anonymous attackers to upload or delete images in the phpMyFAQ application without authorization. A remote attacker could deface the application, or delete all images in the database. Version 1.4 is reported vulnerable. The vendor has released version 1.4a that corrects this issue.

It is reported that phpMyFAQ contains an authentication bypass vulnerability in its image manager. This vulnerability can be exploited by remote anonymous attackers to upload or delete images in the phpMyFAQ application without authorization. A remote attacker could deface the application, or delete all images in the database. Version 1.4 is reported vulnerable. The vendor has released version 1.4a that corrects this issue.