SQL Injection Affecting thorsten/phpmyfaq package, versions >=3.2.5, <3.2.6


Severity

Recommended
0.0
high
0
10

CVSS assessment made by Snyk's Security Team. Learn more

Threat Intelligence

Exploit Maturity
Proof of concept
EPSS
0.04% (11th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk Learn

Learn about SQL Injection vulnerabilities in an interactive lesson.

Start learning
  • Snyk IDSNYK-PHP-THORSTENPHPMYFAQ-6501723
  • published27 Mar 2024
  • disclosed25 Mar 2024
  • creditkevinnivekkevin

Introduced: 25 Mar 2024

CVE-2024-28107  (opens in a new tab)
CWE-89  (opens in a new tab)

How to fix?

Upgrade thorsten/phpmyfaq to version 3.2.6 or higher.

Overview

thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases

Affected versions of this package are vulnerable to SQL Injection due to improper escaping of the email address in the insertentry and saveentry functions. An attacker can execute malicious SQL queries, potentially leading to data exfiltration, account takeover, and even remote code execution by modifying the email and notes parameters in the body of a POST request. This is only exploitable if the attacker is an authenticated user with the rights to add/edit FAQ news.

References

CVSS Scores

version 3.1