logo

Database

Insecure file upload In thorsten/phpmyfaq

Description

phpMyFAQ allows unrestricted file types in image field Unrestricted Upload of File with Dangerous Type in GitHub repository thorsten/phpmyfaq prior to 3.1.18.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2023-52272. NVD-2023-52273. OSV-2023-52274. GCVE-2023-5227

References

1. https://github.com/thorsten/phpmyfaq/commit/abf52487422ce47195c8a80bd904a7af39f602972. https://huntr.dev/bounties/a335c013-db75-4120-872c-42059c7100e8

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.