CVE-2024-28107: phpMyFAQ SQL injections at insertentry & saveentry

8.8 CVSS

Description

phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. A SQL injection vulnerability has been discovered in the `insertentry` & `saveentry` when modifying records due to improper escaping of the email address. This allows any authenticated user with the rights to add/edit FAQ news to exploit this vulnerability to exfiltrate data, take over accounts and in some cases, even achieve RCE. This vulnerability is fixed in 3.2.6.

Classification

CVE ID: CVE-2024-28107

CVSS Base Severity: HIGH

CVSS Base Score: 8.8

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem Types

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Affected Products

Vendor: thorsten

Product: phpMyFAQ

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.83% (probability of being exploited)

EPSS Percentile: 73.33% (scored less or equal to compared to others)

EPSS Date: 2025-04-20 (when was this score calculated)

Stakeholder-Specific Vulnerability Categorization (SSVC)

SSVC Exploitation: none

SSVC Technical Impact: total

SSVC Automatable: false

References

https://nvd.nist.gov/vuln/detail/CVE-2024-28107
https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-2grw-mc9r-822r
https://github.com/thorsten/phpMyFAQ/commit/d0fae62a72615d809e6710861c1a7f67ac893007

Timeline

2025-04-10 19:40:11 UTC
CVE

phpMyFAQ SQL injections at insertentry & saveentry