CVE-2024-55889
published 2024-12-13CVE-2024-55889: phpMyFAQ is an open source FAQ web application. Prior to version 3.2.10, a vulnerability exists in the FAQ Record component where a privileged attacker can…
PriorityP348high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
EXPLOIT
EPSS
2.12%
79.6th percentile
phpMyFAQ is an open source FAQ web application. Prior to version 3.2.10, a vulnerability exists in the FAQ Record component where a privileged attacker can trigger a file download on a victim's machine upon page visit by embedding it in an element without user interaction or explicit consent. Version 3.2.10 fixes the issue.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpmyfaq | phpmyfaq | < 3.2.10 | 3.2.10 |
| thorsten | phpmyfaq | < 3.2.10 | 3.2.10 |
| thorsten | phpmyfaq | >= 0 < 3.2.10 | 3.2.10 |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
thorsten/phpmyfaq Unintended File Download Triggered by Embedded Frames
ghsa·2024-12-13
CVE-2024-55889 [MEDIUM] CWE-451 thorsten/phpmyfaq Unintended File Download Triggered by Embedded Frames
thorsten/phpmyfaq Unintended File Download Triggered by Embedded Frames
### Summary
A vulnerability exists in the FAQ Record component where a privileged attacker can trigger a file download on a victim's machine upon page visit by embedding it in an element without user interaction or explicit consent.
### Details
In http://localhost/admin/index.php?action=editentry&id=20&lang=en, where a FAQ record is either created or edited, an attacker can insert an iframe, as "source code", pointing to a prior "malicious" attachment that the attacker has uploaded via FAQ "new attachment" upload, such that any page visits to this FAQ will trigger an automated download (from the edit screen, download is automated; from the faq page view as a normal user, depending on the browser, a pop up confirmatio
OSV
thorsten/phpmyfaq Unintended File Download Triggered by Embedded Frames
osv·2024-12-13
CVE-2024-55889 [MEDIUM] thorsten/phpmyfaq Unintended File Download Triggered by Embedded Frames
thorsten/phpmyfaq Unintended File Download Triggered by Embedded Frames
### Summary
A vulnerability exists in the FAQ Record component where a privileged attacker can trigger a file download on a victim's machine upon page visit by embedding it in an element without user interaction or explicit consent.
### Details
In http://localhost/admin/index.php?action=editentry&id=20&lang=en, where a FAQ record is either created or edited, an attacker can insert an iframe, as "source code", pointing to a prior "malicious" attachment that the attacker has uploaded via FAQ "new attachment" upload, such that any page visits to this FAQ will trigger an automated download (from the edit screen, download is automated; from the faq page view as a normal user, depending on the browser, a pop up confirmatio
No detection rules found.
No writeups or analysis indexed.
2024-12-13
Published