← Back

CVE-2026-24421

nvd nist
Published: Jan 24, 2026Modified: Jan 30, 2026

JSON object

Loading...
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.8 / Impact: 3.6
Source: security-advisories@github.com (Secondary)

Description

phpMyFAQ is an open source FAQ web application. Versions 4.0.16 and below have flawed authorization logic which exposes the /api/setup/backup endpoint to any authenticated user despite their permissions. SetupController.php uses userIsAuthenticated() but does not verify that the requester has configuration/admin permissions. Non-admin users can trigger a configuration backup and retrieve its path. The endpoint only checks authentication, not authorization, and returns a link to the generated ZIP. This issue is fixed in version 4.0.17.

Affected (1)

Products: Phpmyfaq: Phpmyfaq
Phpmyfaq
1 product
Phpmyfaq
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Phpmyfaq
Before 4.0.17

Related CWEs

CWE-862
Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

References (1)

Source: security-advisories@github.com
ExploitVendor Advisory

Timeline

No history available yet.