top of page
perceptive_background_267k.jpg

phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the MediaBrowserController::index() method handles file deletion for the media browser. …

Published:

1 april 2026 om 22:00:00

Alert date:

2 april 2026 om 16:03:28

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

phpMyFAQ versions prior to 4.1.1 contain a critical vulnerability in the MediaBrowserController::index() method that handles file deletion. The vulnerability allows path traversal attacks through the fileRemove action where user-supplied name parameters are concatenated with upload directory paths without proper validation. The FILTER_SANITIZE_SPECIAL_CHARS filter fails to prevent directory traversal sequences like '../'. Additionally, the endpoint lacks CSRF token validation, making it exploitable via CSRF attacks. The vulnerability enables attackers to delete files outside the intended directory structure. This issue has been patched in version 4.1.1.

Technical details

Mitigation steps:

Affected products:

phpMyFAQ

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-34728
https://github.com/thorsten/phpMyFAQ/releases/tag/4.1.1
https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-38m8-xrfj-v38x

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page