https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-06-24T09:32:11.229734+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/281cd631-8c31-4b80-bd46-a8210c74562b/export281cd631-8c31-4b80-bd46-a8210c74562b2026-06-24T09:32:11.249795+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "281cd631-8c31-4b80-bd46-a8210c74562b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49205", "type": "seen", "source": "https://gist.github.com/alon710/b22b0dd984dd927be769bc999880e7f3", "content": "# CVE-2026-49205: CVE-2026-49205: Missing Authorization in phpMyFAQ Public REST API Write Endpoints\n\n> **CVSS Score:** 6.5\n> **Published:** 2026-06-23\n> **Full Report:** https://cvereports.com/reports/CVE-2026-49205\n\n## Summary\nAn incomplete security patch for CVE-2026-24421 in phpMyFAQ allows authenticated low-privileged users to bypass role-based access controls. While the initial patch addressed missing authorization in the BackupController, it left four critical write-enabled endpoints vulnerable. This allows remote attackers with a valid low-privilege API token to perform unauthorized data modifications, creating categories, creating FAQs, updating FAQs, and injecting questions directly into the database.\n\n## TL;DR\nAn incomplete fix for CVE-2026-24421 in phpMyFAQ leaves four REST API endpoints vulnerable to missing authorization, enabling low-privileged authenticated users to modify categories, FAQs, and system questions without the required role permissions.\n\n## Technical Details\n\n- **CWE ID**: CWE-862: Missing Authorization\n- **Attack Vector**: Network\n- **CVSS v3.1 Score**: 6.5 (Medium)\n- **Exploit Maturity**: None / Unproven\n- **EPSS Score**: 0.0024\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- phpMyFAQ open-source FAQ web application\n- **phpMyFAQ**: < 4.1.4 (Fixed in: `4.1.4`)\n\n## Mitigation\n\n- Upgrade phpMyFAQ to version 4.1.4 or higher.\n- Implement a manual code-level patch to enforce role validation on all public REST API write endpoints.\n- Deploy WAF rules to restrict POST and PUT requests to public API controllers based on user roles.\n\n**Remediation Steps:**\n1. Download phpMyFAQ version 4.1.4 from the official repository.\n2. Apply database and application updates following the standard phpMyFAQ upgrade documentation.\n3. Validate API security policies by attempting a write request using a low-privileged API token.\n\n## References\n\n- [GitHub Security Advisory GHSA-8c6h-7g6x-m5x4](https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-8c6h-7g6x-m5x4)\n- [CVE-2026-49205 Record](https://www.cve.org/CVERecord?id=CVE-2026-49205)\n- [CWE-862 Reference](https://cwe.mitre.org/data/definitions/862.html)\n- [MITRE ATT&CK T1068 Reference](https://attack.mitre.org/techniques/T1068/)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-49205) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-23T22:42:14.000000Z"}2026-06-23T22:42:14+00:00