Description

phpMyFAQ is an Open Source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. The 'sharing FAQ' functionality allows any unauthenticated actor to misuse the phpMyFAQ application to send arbitrary emails to a large range of targets. The phpMyFAQ application has a functionality where anyone can share a FAQ item to others. The front-end of this functionality allows any phpMyFAQ articles to be shared with 5 email addresses. Any unauthenticated actor can perform this action. There is a CAPTCHA in place, however the amount of people you email with a single request is not limited to 5 by the backend. An attacker can thus solve a single CAPTCHA and send thousands of emails at once. An attacker can utilize the target application's email server to send phishing messages. This can get the server on a blacklist, causing all emails to end up in spam. It can also lead to reputation damages. This issue has been patched in version 3.2.5.

Remediation

References

CVE-2024-22208

Related Vulnerabilities

Oracle Database Server Other Vulnerability (CVE-2006-1869)

Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-32474)

WordPress Plugin Customer Reviews for WooCommerce Multiple Vulnerabilities (5.3.5)

Oracle Database Server CVE-2021-35576 Vulnerability (CVE-2021-35576)

Drupal Core 6.x Local File Inclusion (6.0 - 6.9)

Severity

Medium

Classification

CVE-2024-22208 CWE-863 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Tags

Missing Update Known Vulnerabilities