CNNVD-202510-402 Information

CNNVD ID

CNNVD-202510-402

Related CVE

CVE-2025-59943

• CNNVD Published: 2025-10-03

Description (Chinese)

phpMyFAQ是Thorsten Rinne个人开发者的一个多语言、完全由数据库驱动的常见问题解答系统。 phpMyFAQ 4.0-nightly-2025-10-03及之前版本存在安全漏洞，该漏洞源于未强制邮箱地址唯一性，可能导致权限提升或账户接管。

Description (English)

phpMyFAQ is a multilingual, database-driven, common-question answer system for Thorsten Rinne personal developers. phpMyFAQ 4.0-nightly-2025-10-03 and previous versions have a security loophole, which stems from the lack of mandatory uniqueness of the mailbox address, which may lead to an increase in privileges or account take-over.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-10-03

Last Modified

2026-02-24

References

https://github.com/thorsten/phpMyFAQ/commit/44cd20f86eb041f39d1c30a9beefad1cc61dc0ec https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-9wj2-4hcm-r74j

Patch

https://www.phpmyfaq.de/download