CVE-2014-6047

phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to read arbitrary attachments by leveraging incorrect "download an attachment" permission checks.
Configurations

Configuration 1 (hide)

cpe:2.3:a:phpmyfaq:phpmyfaq:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-08-28 17:29

Updated : 2024-02-28 16:48


NVD link : CVE-2014-6047

Mitre link : CVE-2014-6047

CVE.ORG link : CVE-2014-6047


JSON object : View

Products Affected

phpmyfaq

  • phpmyfaq
CWE
CWE-275

Permission Issues