CVE-2025-69200
HIGH 7.5phpMyFAQ is an open source FAQ web application. In versions prior to 4.0.16, an unauthenticated remote attacker can trigger generation of a configuration backup ZIP via `POST /api/setup/backup` and then download the generated ZIP from a web-accessible location. The ZIP contains sensitive configuration files (e.g., `database.php` with database credentials), leading to high-impact information disclosure and potential follow-on compromise. Version 4.0.16 fixes the issue.
Affected Applications in Environment
12
php
v2:8.4+101~+ubuntu24.04.1+deb.sury.org+1
8 devices
php
v2:8.4+100~+ubuntu24.04.1+deb.sury.org+1
1 device
php
v5.4.16-48.el7
1 device
php
v2:7.4+75
3 devices
php
v2:8.4+101~+ubuntu22.04.1+deb.sury.org+1
1 device
php
v2:8.2+93
1 device
php
v1:7.0+35ubuntu6.1
1 device
php
v2:8.4+96+ubuntu20.04.1+deb.sury.org+1
1 device
php
v2:8.4+100~+ubuntu22.04.1+deb.sury.org+1
1 device
php
v2:8.1+92ubuntu1
1 device
php
v2:8.3+93ubuntu2
5 devices
php
v1:7.2+60ubuntu1
1 device
Affected Devices
25
aggietower
Linux
ah-ots
Linux
cceredcapweb
Linux
guru.cluster
Linux
kena-utility
Linux
my1
Linux
mysql02
Linux
privatebin
Linux
rcbd
Linux
rcdb-dev
Linux
redcapweb
Linux
sys-serv-l-301-data
Linux
web04a
Linux
web06
Linux
web08.usu.edu
Linux
web11.usu.edu
Linux
web13.usu.edu
Linux
web14.usu.edu
Linux
web20
Linux
web22
Linux
web28
Linux
web29.usu.edu
Linux
web30.usu.edu
Linux
web37.usu.edu
Linux
webs.usu.edu
Linux