CVE-2026-24420

MEDIUM

phpmyfaq < 4.0.17 - Authenticated Improper Access Control via Attachment Download

Title source: llm

Description

phpMyFAQ is an open source FAQ web application. Versions 4.0.16 and below allow an authenticated user without the dlattachment permission to download FAQ attachments due to a incomprehensive permissions check. The presence of a right key is improperly validated as proof of authorization in attachment.php. Additionally, the group and user permission logic contains a flawed conditional expression that may allow unauthorized access. This issue has been fixed in version

References (1)

Core 1

Core References

Exploit, Vendor Advisory x_refsource_confirm

https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-7p9h-m7m8-vhhv

Scores

CVSS v3 6.5

EPSS 0.0042

EPSS Percentile 33.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-284

Status published

Products (3)

phpmyfaq/phpmyfaq < 4.0.17

phpmyfaq/phpmyfaq 0 - 4.0.17Packagist

thorsten/phpmyfaq 0 - 4.0.17Packagist

Published Jan 24, 2026

Tracked Since Feb 18, 2026