CVE-2026-35671

HIGH SEVERITY

CVSS Score & Metrics

Base Score: 8.8 / 10
Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Description

phpMyFAQ before 4.1.3 contains an insecure direct object reference (IDOR) vulnerability in the admin API user password endpoint: it lets any authenticated administrator change any user's password without verifying that the caller is authorized to act on that account. An attacker holding low-privilege admin credentials can therefore escalate to SuperAdmin by modifying the userId parameter in the overwrite-password API request.
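To make the authorization gap concrete, here is an added illustration in PHP (it is not phpMyFAQ's code and does not reproduce the project's actual endpoint): a minimal "overwrite password" handler that trusts the request's userId the way the description says, placed beside a hardened handler that decides authorization from the (caller, target) pair on the server side. The User class, the handler names and the in-memory user table are all constructed for this example.

```php
<?php
// Added illustration, not phpMyFAQ's code. Names (User, overwritePassword*)
// and the sample users are constructed for this example.
declare(strict_types=1);

final class User
{
    public function __construct(
        public readonly int $id,
        public readonly string $name,
        public readonly bool $isSuperAdmin,
        public string $passwordHash,
    ) {}
}

// Constructed sample data: one SuperAdmin and one low-privilege admin.
$users = [
    1 => new User(1, 'superadmin', true,  password_hash('initial-root-pw',   PASSWORD_DEFAULT)),
    2 => new User(2, 'editor',     false, password_hash('initial-editor-pw', PASSWORD_DEFAULT)),
];

// Vulnerable shape: the caller is authenticated (an admin), but the target
// userId is taken straight from the request and nothing checks whether the
// caller may change *that* user's password. This is the IDOR the CVE describes.
function overwritePasswordVulnerable(array $users, User $caller, array $request): array
{
    $target = $users[(int) $request['userId']] ?? null;
    if ($target === null) {
        return ['status' => 404];
    }
    $target->passwordHash = password_hash($request['newPassword'], PASSWORD_DEFAULT);
    return ['status' => 200];
}

// Hardened shape: authorization is evaluated on the server from the caller's
// session role and the resolved target, independent of what the request claims.
function overwritePasswordHardened(array $users, User $caller, array $request): array
{
    $target = $users[(int) $request['userId']] ?? null;
    if ($target === null) {
        return ['status' => 404];
    }
    $isSelf = $caller->id === $target->id;
    // A user may always reset their own password; resetting anyone else's
    // requires the SuperAdmin role. A low-privilege admin therefore cannot
    // reach the SuperAdmin account at all.
    if (!$isSelf && !$caller->isSuperAdmin) {
        return ['status' => 403, 'reason' => 'not authorized for this userId'];
    }
    if (strlen($request['newPassword']) < 12) {
        return ['status' => 400, 'reason' => 'password too short'];
    }
    $target->passwordHash = password_hash($request['newPassword'], PASSWORD_DEFAULT);
    // Record actor and target so a privilege change is visible in the audit log.
    error_log(sprintf('password overwrite: actor=%d target=%d', $caller->id, $target->id));
    return ['status' => 200];
}

// Demonstration: the low-privilege admin (id 2) submits a request naming userId 1.
$lowPriv = $users[2];
$request = ['userId' => 1, 'newPassword' => 'new-password-from-request'];

$vulnerable = overwritePasswordVulnerable($users, $lowPriv, $request);
$hardened   = overwritePasswordHardened($users, $lowPriv, $request);

printf("vulnerable handler: HTTP %d (SuperAdmin password replaced)\n", $vulnerable['status']);
printf("hardened handler:   HTTP %d (%s)\n", $hardened['status'], $hardened['reason'] ?? 'ok');
```

Run it with `php` on the command line. The defensive point is in the hardened function's first check: the target is looked up from the request, but whether the caller may act on it is decided from the caller's server-side role, never from the request. The audit line is what a detection rule would key on, since a password overwrite whose actor is not a SuperAdmin and whose target is a different account is exactly the event that should never occur after the fix.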

Vulnerability Details

Published Date:
Last Modified:
CWE ID: CWE-266
Source: NVD
Vendor: thorsten
Product: phpMyFAQ

External References
