CVE-2014-6047

MEDIUM

phpmyfaq < 2.8.13 - Authenticated Arbitrary File Read via Attachment Download

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-6047.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in phpMyFAQ 2.8.X, including persistent XSS via unfiltered User-Agent and Referer headers, unauthenticated FAQ data disclosure, and CSRF attacks for user credential manipulation and configuration changes.

Description

phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to read arbitrary attachments by leveraging incorrect "download an attachment" permission checks.

Exploits (1)

exploitdb WORKING POC

webappsphp

https://www.exploit-db.com/exploits/34580

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in phpMyFAQ 2.8.X, including persistent XSS via unfiltered User-Agent and Referer headers, unauthenticated FAQ data disclosure, and CSRF attacks for user credential manipulation and configuration changes.

Classification

Working Poc 95%

Attack Type

Xss | Info Leak | Auth Bypass | Other

Complexity

Trivial

Reliability

Reliable

Target: phpMyFAQ 2.8.X

No auth needed

Prerequisites: Access to the target phpMyFAQ instance

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory x_refsource_misc

http://techdefencelabs.com/security-advisories.html

Vendor Advisory x_refsource_confirm

https://www.phpmyfaq.de/security/advisory-2014-09-16

Scores

CVSS v3 5.3

EPSS 0.0568

EPSS Percentile 92.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-275

Status published

Products (1)

phpmyfaq/phpmyfaq < 2.8.13

Published Aug 28, 2018

Tracked Since Feb 18, 2026