Skip to main content

phpMyFAQ EUVD-2026-30594

| CVE-2026-46359 HIGH
SQL Injection (CWE-89)
2026-05-15 VulnCheck GHSA-p9wc-4pjv-rg82
SQLi Microsoft
7.7
CVSS 4.0
Share

CVSS VectorNVD

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

7
Analysis Updated
May 28, 2026 - 16:42 vuln.today
v3 (cvss_changed)
Analysis Updated
May 28, 2026 - 16:41 vuln.today
v2 (cvss_changed)
Re-analysis Queued
May 28, 2026 - 16:22 vuln.today
cvss_changed
CVSS changed
May 28, 2026 - 16:22 NVD
7.5 (HIGH) 7.7 (HIGH)
Patch available
May 15, 2026 - 20:02 EUVD
Source Code Evidence Fetched
May 15, 2026 - 19:32 vuln.today
Analysis Generated
May 15, 2026 - 19:32 vuln.today

DescriptionNVD

phpMyFAQ before 4.1.2 contains a sql injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token claims. Attackers with Azure AD accounts containing SQL metacharacters in display names or JWT claims can break out of string literals and execute arbitrary database queries.

AnalysisAI

SQL injection in phpMyFAQ prior to 4.1.2 allows attackers authenticating through Azure AD/Entra ID OAuth to execute arbitrary database queries by embedding SQL metacharacters in their identity provider display name or JWT claims. The CurrentUser::setTokenData() method interpolates OAuth token fields into an UPDATE statement via sprintf without calling the database escape routine, while sibling methods in the same file correctly escape input. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Identify all phpMyFAQ deployments and determine which use Azure AD/Entra ID authentication. Within 7 days: Upgrade all affected instances to phpMyFAQ 4.1.2 or later. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

More from same product – last 7 days

CVE-2026-10044 HIGH POC
8.2 May 28

{filename} endpoint. The flawed traversal guard only rejects forward slashes and '..' sequences, so absolute Windows pat
CVE-2026-40412 CRITICAL
10.0 May 22

Remote code execution in Microsoft Azure Orbital Spatio allows unauthenticated network attackers to upload dangerous fil
CVE-2026-41104 CRITICAL
10.0 May 22

Unsafe deserialization in Microsoft Planetary Computer Pro (Geocatalog) lets a remote unauthenticated attacker craft mal
CVE-2026-23652 CRITICAL
10.0 May 22

Remote code execution in Microsoft Power Pages allows unauthenticated network attackers to inject and execute operating-
CVE-2026-47280 CRITICAL
10.0 May 22

Privilege elevation in Microsoft Azure Resource Manager (ARM) allows remote unauthenticated attackers to bypass authenti

Share

EUVD-2026-30594 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy