Описание
phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to read arbitrary attachments by leveraging incorrect "download an attachment" permission checks.
phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to read arbitrary attachments by leveraging incorrect "download an attachment" permission checks.
Связанные уязвимости
CVSS3: 5.3
nvd
больше 7 лет назад
phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to read arbitrary attachments by leveraging incorrect "download an attachment" permission checks.