CNNVD-202601-4254 Information

CNNVD ID

CNNVD-202601-4254

Related CVE

CVE-2026-24420

• CNNVD Published: 2026-01-24

Description (Chinese)

phpMyFAQ是Thorsten Rinne个人开发者的一个多语言、完全由数据库驱动的常见问题解答系统。 phpMyFAQ 4.0.16及之前版本存在访问控制错误漏洞，该漏洞源于权限检查不全面，可能导致未经授权的用户下载FAQ附件。

Description (English)

phpMyFAQ is a multilingual, database-driven, common-question answer system for Thorsten Rinne personal developers. The phpMyFAQ 4.0.16 and previous versions have access control error holes, which stem from incomplete permission checks and may result in unauthorized users downloading FAQ annexes.

Hazard Level

High

Vulnerability Type

访问控制错误

Affected Vendor

个人开发者

Published

2026-01-24

Last Modified

2026-02-24

References

https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-7p9h-m7m8-vhhv https://access.redhat.com/security/cve/cve-2026-24420

Patch

https://www.phpmyfaq.de/download/