CVE-2026-46362 - Vulnerability Details

phpMyFAQ before 4.1.2 contains an authorization bypass vulnerability in AbstractAdministrationController::userHasPermission() that fails to terminate execution after sending a forbidden response. Attackers can access all permission-protected admin pages by requesting their URLs as authenticated users, exposing admin logs, user data, system information, and application configuration.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact partial

Vendors	Products
Phpmyfaq	Phpmyfaq
Thorsten	Phpmyfaq

No data.

References

Link	Providers
https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-hpgw-ww76-c68r
https://www.vulncheck.com/advisories/phpmyfaq-authorization-bypass-in-admin-pages-via-non-terminating-permission-check

History

Thu, 28 May 2026 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Phpmyfaq Phpmyfaq phpmyfaq
CPEs		cpe:2.3:a:phpmyfaq:phpmyfaq::::::::
Vendors & Products		Phpmyfaq Phpmyfaq phpmyfaq
Metrics		cvssV4_0 `{'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}`

Mon, 18 May 2026 16:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 15 May 2026 22:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Thorsten Thorsten phpmyfaq
Vendors & Products		Thorsten Thorsten phpmyfaq

Fri, 15 May 2026 19:00:00 +0000

Type	Values Removed	Values Added
Description		phpMyFAQ before 4.1.2 contains an authorization bypass vulnerability in AbstractAdministrationController::userHasPermission() that fails to terminate execution after sending a forbidden response. Attackers can access all permission-protected admin pages by requesting their URLs as authenticated users, exposing admin logs, user data, system information, and application configuration.
Title		phpMyFAQ - Authorization Bypass in Admin Pages via Non-Terminating Permission Check
Weaknesses		CWE-863
References		https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-hpgw-ww76-c68r https://www.vulncheck.com/advisories/phpmyfaq-authorization-bypass-in-admin-pages-via-non-terminating-permission-check
Metrics		cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}`

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published: 2026-05-15T18:36:41.173Z

Updated: 2026-05-28T14:15:25.522Z

Reserved: 2026-05-13T19:40:27.809Z

Link: CVE-2026-46362

Vulnrichment

Updated: 2026-05-18T16:06:37.066Z

NVD

Status : Deferred

Published: 2026-05-15T19:17:03.520

Modified: 2026-05-28T16:16:26.860

Link: CVE-2026-46362

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation poc

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object