George Chen

3 exploits Active since Dec 2024
CVE-2025-30143 WRITEUP MEDIUM WRITEUP
Akamai App & API Protector <2 - Code Injection
Rule 3000216 (before version 2) in Akamai App & API Protector (with Akamai ASE) before 2024-12-10 does not properly consider JavaScript variable assignment to built-in functions and properties.
CVSS 5.4
CVE-2025-54568 WRITEUP LOW WRITEUP
Akamai Rate Control alpha-2025 - Incorrect Rate Limiting via Per-Node Accounting
Akamai Rate Control alpha before 2025 allows attackers to send requests above the stipulated thresholds because the rate is measured separately for each edge node.
CVSS 3.7
CVE-2024-55889 EXPLOITDB MEDIUM text WRITEUP
phpMyFAQ < 3.2.10 - Unauthenticated File Download via FAQ Record Iframe Embed
phpMyFAQ is an open source FAQ web application. Prior to version 3.2.10, a vulnerability exists in the FAQ Record component where a privileged attacker can trigger a file download on a victim's machine upon page visit by embedding it in an <iframe> element without user interaction or explicit consent. Version 3.2.10 fixes the issue.
CVSS 4.9