Security Advisory 2026-05-14

Multiple vulnerabilities in phpMyFAQ

Issued on: 2026-05-14
Software: phpMyFAQ <= 4.1.2
Risk: High
Platforms: all

The phpMyFAQ Team has learned of security issues that have been discovered in phpMyFAQ 4.1.2 and earlier.

Description

phpMyFAQ contains an authentication bypass vulnerability where the default empty API token allows unauthorized access to protected endpoints.

An Insecure Direct Object Reference (IDOR) flaw in phpMyFAQ enables attackers to take over arbitrary user accounts by manipulating object identifiers.

An unauthenticated password reset endpoint in phpMyFAQ permits user enumeration and forces password changes without validating the reset token.

A missing password reset token check in phpMyFAQ allows account takeover through username and email enumeration.
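The two failure modes described above (an empty default API token that satisfies the authentication check, and a password reset flow that never validates its reset token) as an added PHP illustration; this is not phpMyFAQ's code, and every function, array key and sample value is an assumption made for the example:

```php
<?php
declare(strict_types=1);
// Added illustration, not phpMyFAQ's code. Names and data are constructed.

// Weak pattern: with an empty (default) configured token, a request that
// carries no token compares equal to it and is accepted.
function weakApiAuth(string $configuredToken, ?string $requestToken): bool
{
    return $configuredToken === ($requestToken ?? '');
}

// Hardened: an empty configured token means the API is disabled (fail closed),
// a missing request token is rejected, and the comparison is constant-time.
function hardenedApiAuth(string $configuredToken, ?string $requestToken): bool
{
    if ($configuredToken === '' || $requestToken === null || $requestToken === '') {
        return false;
    }
    return hash_equals($configuredToken, $requestToken);
}

// Hardened reset: the stored token must exist, match in constant time, be
// unexpired and belong to the user whose email was supplied. The caller must
// return the same generic response whether or not the user exists, so the
// endpoint cannot be used to enumerate usernames or email addresses.
function validateResetToken(array $users, string $username, string $email, string $token, int $now): bool
{
    $row = $users[$username] ?? null;
    if ($row === null) {
        return false;
    }
    $stored  = (string) ($row['reset_token'] ?? '');
    $expires = (int) ($row['reset_expires'] ?? 0);
    return hash_equals((string) $row['email'], $email)
        && $stored !== ''
        && hash_equals($stored, $token)
        && $expires > $now;
}

// Constructed sample data: one user with a fresh, unexpired reset token.
$users = [
    'alice' => [
        'email'         => 'alice@example.com',
        'reset_token'   => bin2hex(random_bytes(16)),
        'reset_expires' => time() + 900,
    ],
];
var_dump(weakApiAuth('', null));        // empty default token vs. no header
var_dump(hardenedApiAuth('', null));    // same request against the hardened check
var_dump(validateResetToken($users, 'alice', 'alice@example.com', 'guess', time()));
```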

Solution

The phpMyFAQ Team has released the new phpMyFAQ version 4.1.3, which fixes the vulnerabilities. All users of affected phpMyFAQ versions are encouraged to upgrade as soon as possible to this latest version.

Workaround

There's no workaround except installing phpMyFAQ 4.1.3.

Thanks

The phpMyFAQ team would like to thank guayu-kakeru, i.cyber.sa, and kitu232 for the responsible disclosures of these vulnerabilities.