phpMyFAQ before 4.1.5 contains a privilege escalation vulnerability in GroupController::updatePermissions that allows GROUP_EDIT administrators to grant arbitrary rights to groups without verifying they hold those rights themselves. A delegated administrator can exploit this by assigning high-value permissions to a group they belong to, inheriting those rights and escalating privileges up to full administrative control.
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Tue, 30 Jun 2026 22:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | phpMyFAQ before 4.1.5 contains a privilege escalation vulnerability in GroupController::updatePermissions that allows GROUP_EDIT administrators to grant arbitrary rights to groups without verifying they hold those rights themselves. A delegated administrator can exploit this by assigning high-value permissions to a group they belong to, inheriting those rights and escalating privileges up to full administrative control. | |
| Title | phpMyFAQ - Privilege Escalation via Missing Self-Rights Constraint in GroupController::updatePermissions | |
| First Time appeared |
Phpmyfaq
Phpmyfaq phpmyfaq |
|
| Weaknesses | CWE-269 | |
| CPEs | cpe:2.3:a:phpmyfaq:phpmyfaq:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Phpmyfaq
Phpmyfaq phpmyfaq |
|
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-06-30T22:08:42.294Z
Reserved: 2026-06-26T17:58:05.796Z
Link: CVE-2026-57995
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-01T03:30:05Z
Weaknesses