Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
phpMyFAQ Permission Issues Vulnerability - CVE-2014-6047 - Vulnerability Database
phpMyFAQ

phpMyFAQ Permission Issues Vulnerability - CVE-2014-6047

Medium
Reference: CVE-2014-6047
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-6047
Title: phpMyFAQ Permission Issues Vulnerability
Overview:

phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to read arbitrary attachments by leveraging incorrect quotdownload an attachmentquot permission checks.