Authenticated Path Traversal in phpMyFAQ Product by phpMyFAQ
CVE-2026-57961

5.1MEDIUM

Key Information:

Vendor

pHPMyFAQ

Status
Vendor
CVE Published:
10 July 2026

What is CVE-2026-57961?

phpMyFAQ prior to version 4.1.5 contains a security vulnerability within the concatenatePaths() function in src/phpMyFAQ/Export/Pdf/Wrapper.php. Users with editing privileges can exploit this flaw by embedding crafted HTML with specific image paths, which are processed during PDF creation. The underlying path resolution mechanism fails to properly handle cases where expected content is not found, allowing the attacker to manipulate file paths. Consequently, this results in file_get_contents() being able to read files outside of the designated content directory, potentially exposing sensitive data.

Affected Version(s)

phpMyFAQ 0 < 4.1.5

phpMyFAQ 4.1.5

References

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

DomainXTech
.