Skip to main content

phpMyFAQ CVE-2026-46364

| EUVD-2026-30601 CRITICAL
SQL Injection (CWE-89)
2026-05-15 VulnCheck GHSA-ch9q-c9mp-j5gq
Information Disclosure SQLi
9.3
CVSS 4.0
Share

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

6
Analysis Updated
May 28, 2026 - 16:28 vuln.today
v3 (cvss_changed)
Analysis Updated
May 28, 2026 - 16:28 vuln.today
v2 (cvss_changed)
Re-analysis Queued
May 28, 2026 - 16:22 vuln.today
cvss_changed
CVSS changed
May 28, 2026 - 16:22 NVD
9.8 (CRITICAL) 9.3 (CRITICAL)
Source Code Evidence Fetched
May 15, 2026 - 19:30 vuln.today
Analysis Generated
May 15, 2026 - 19:30 vuln.today

DescriptionNVD

phpMyFAQ before 4.1.2 contains an unauthenticated SQL injection vulnerability in BuiltinCaptcha::garbageCollector() and BuiltinCaptcha::saveCaptcha() methods that interpolate unsanitized User-Agent headers into DELETE and INSERT queries. Unauthenticated attackers can exploit the public GET /api/captcha endpoint by crafting malicious User-Agent headers to perform time-based blind SQL injection, extracting sensitive data including user credentials, admin tokens, and SMTP credentials from the database.

AnalysisAI

Unauthenticated SQL injection in phpMyFAQ before 4.1.2 allows remote attackers to extract credentials, admin tokens, and SMTP secrets by sending a crafted User-Agent header to the public GET /api/captcha endpoint. The flaw sits in BuiltinCaptcha::garbageCollector() and BuiltinCaptcha::saveCaptcha(), which interpolate the header into DELETE and INSERT statements via sprintf with no escaping. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Identify all phpMyFAQ deployments and document current versions. Within 7 days: Upgrade all instances to phpMyFAQ 4.1.2 or later. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-46364 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy