CVE-2024-28105

Name of the Vulnerable Software and Affected Versions phpMyFAQ versions prior to 3.2.6

Description The category image upload function in phpMyFAQ is vulnerable to manipulation of the Content-type and lang parameters, allowing attackers to upload malicious files with a .php extension, potentially leading to remote code execution (RCE) on the system. Attackers can upload malicious files containing executable code, allowing them to take control of the vulnerable system, execute arbitrary commands, steal sensitive data, disrupt services, and potentially escalate their privileges.

Recommendations For versions prior to 3.2.6, update to version 3.2.6 to resolve the issue. As a temporary workaround, consider restricting access to the category image upload function to minimize the risk of exploitation. Additionally, forcing the getFileExtension function to return one of the allowed mimetypes instead of an empty string can help prevent the uploaded file from being executed as a PHP file.