cbcvebase.
CVE-2024-54141
published 2024-12-06

CVE-2024-54141: phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. Prior to 4.0.0, phpMyFAQ exposes the database (ie…

PriorityP341high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.48%
37.7th percentile
phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. Prior to 4.0.0, phpMyFAQ exposes the database (ie postgreSQL) server's credential when connection to DB fails. This vulnerability is fixed in 4.0.0.

Affected

3 ranges
VendorProductVersion rangeFixed in
phpmyfaqphpmyfaq
thorstenphpmyfaq< 4.0.04.0.0
thorstenphpmyfaq>= 0 < 4.0.04.0.0
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.