Description
phpMyFAQ before 2.8.13 allows remote attackers to read arbitrary attachments via a direct request.
Remediation
References
Related Vulnerabilities
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-15080)
WordPress Plugin Export Users With Meta SQL Injection (0.6.4)
ownCloud Incorrect Authorization Vulnerability (CVE-2021-29659)
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-23163)