phpMyFaq ImageManager Plugin Missing User Authentication
SECUNIA ADVISORY ID:
A security issue has been discovered in phpMyFaq, which can be
exploited by malicious people to upload or delete arbitrary images.
The security issue is caused due to a missing user authentication
check in the ImageManager plugin, which allows anyone to access the
Only version 1.4.0 is affected.
Update to version 1.4.0a.
PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.