CVE-2024-28105 — HIGH (7.2)

Vulnerability Description

phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The category image upload function in phpmyfaq is vulnerable to manipulation of the `Content-type` and `lang` parameters, allowing attackers to upload malicious files with a .php extension, potentially leading to remote code execution (RCE) on the system. This vulnerability is fixed in 3.2.6.

CVSS Score

7.2

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Phpmyfaq	Phpmyfaq	3.2.5

Related Weaknesses (CWE)

CWE-434

References

https://github.com/thorsten/phpMyFAQ/commit/9136883776af67dfdb0e8cf14f5e0ca22bf4Patch
https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-pwh2-fpfr-x5gfExploitVendor Advisory
https://github.com/thorsten/phpMyFAQ/commit/9136883776af67dfdb0e8cf14f5e0ca22bf4Patch
https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-pwh2-fpfr-x5gfExploitVendor Advisory

FAQ

What is CVE-2024-28105?

CVE-2024-28105 is a vulnerability with a CVSS score of 7.2 (HIGH). phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The category image upload function in phpmyfaq is vulnerable to manipulation of the `Content-type...

How severe is CVE-2024-28105?

CVE-2024-28105 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-28105?

Check the references section above for vendor advisories and patch information. Affected products include: Phpmyfaq Phpmyfaq.