5.4

CVE-2023-1883

Exploit

Improper Access Control in thorsten/phpmyfaq

Improper Access Control in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PhpmyfaqPhpmyfaq Version < 3.1.12
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.49% 0.383
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.4 2.8 2.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
security@huntr.dev 5.4 2.8 2.5
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

https://github.com/thorsten/phpmyfaq/commit/db77df888178766987398597d4f153831c62a503
Patch
https://huntr.dev/bounties/2f1e417d-cf64-4cfb-954b-3a9cb2f38191
Patch
Third Party Advisory
Exploit