Weak Password Requirements Affecting thorsten/phpmyfaq package, versions >=0.0.0, <3.1.12


Severity

Recommended
0.0
medium
0
10

CVSS assessment made by Snyk's Security Team. Learn more

Threat Intelligence

Exploit Maturity
Proof of concept
EPSS
0.21% (61st percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-PHP-THORSTENPHPMYFAQ-5351808
  • published31 Mar 2023
  • disclosed31 Mar 2023
  • creditUnknown

Introduced: 31 Mar 2023

CVE-2023-1753  (opens in a new tab)
CWE-521  (opens in a new tab)

How to fix?

Upgrade thorsten/phpmyfaq to version 3.1.12 or higher.

Overview

thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases

Affected versions of this package are vulnerable to Weak Password Requirements due to missing checks in the phpmyfaq/admin/ajax.user.php file.

References

CVSS Scores

version 3.1