CVE-2026-46364 Critical Severity Vulnerability Details & Analysis

Summary

phpMyFAQ before 4.1.2 contains an unauthenticated SQL injection vulnerability in BuiltinCaptcha::garbageCollector() and BuiltinCaptcha::saveCaptcha() methods that interpolate unsanitized User-Agent headers into DELETE and INSERT queries. Unauthenticated attackers can exploit the public GET /api/captcha endpoint by crafting malicious User-Agent headers to perform time-based blind SQL injection, extracting sensitive data including user credentials, admin tokens, and SMTP credentials from the datab

Description

phpMyFAQ before 4.1.2 contains an unauthenticated SQL injection vulnerability in BuiltinCaptcha::garbageCollector() and BuiltinCaptcha::saveCaptcha() methods that interpolate unsanitized User-Agent headers into DELETE and INSERT queries. Unauthenticated attackers can exploit the public GET /api/captcha endpoint by crafting malicious User-Agent headers to perform time-based blind SQL injection, extracting sensitive data including user credentials, admin tokens, and SMTP credentials from the database.

📊 Relative Risk Intelligence

This CVE is Very High Risk - more severe than 90.5% of all 325,703 vulnerabilities in our database.

#31,028

Top 10% most severe

Severity Percentile

🎯 CISA SSVC Assessment Updated: May 15, 2026

🔍 Exploitation Status

None

No known exploits

⚙️ Automatable

YES

Can be exploited automatically

💥 Technical Impact

Total

Complete system compromise possible

🏆 Discovered By

adrgs (reporter) aisafe-bot

SSVC data provided by CISA

CVE-2026-46364

Summary

Description

📊 Relative Risk Intelligence

🎯 CISA SSVC Assessment Updated: May 15, 2026

📦 Affected Products 0

🔗 References 3