First published: Tue Aug 28 2018(Updated: )
phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to read arbitrary attachments by leveraging incorrect "download an attachment" permission checks.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Phpmyfaq Phpmyfaq | <2.8.13 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.