Metrics
Affected Vendors & Products
| Source | ID | Title | 
|---|---|---|
|  EUVD | EUVD-2025-32303 | phpMyFAQ is an open source FAQ web application. Versions 4.0-nightly-2025-10-03 and below do not enforce uniqueness of email addresses during user registration. This allows multiple distinct accounts to be created with the same email. Because email is often used as an identifier for password resets, notifications, and administrative actions, this flaw can cause account ambiguity and, in certain configurations, may lead to privilege escalation or account takeover. This issue is fixed in version 4.0.13. | 
|  Github GHSA | GHSA-9wj2-4hcm-r74j | phpMyFAQ duplicate email registration allows multiple accounts with the same email | 
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Fri, 10 Oct 2025 16:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Phpmyfaq Phpmyfaq phpmyfaq | |
| Weaknesses | NVD-CWE-noinfo | |
| CPEs | cpe:2.3:a:phpmyfaq:phpmyfaq:4.0.7:*:*:*:*:*:*:* | |
| Vendors & Products | Phpmyfaq Phpmyfaq phpmyfaq | 
Mon, 06 Oct 2025 14:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Thorsten Thorsten phpmyfaq | |
| Vendors & Products | Thorsten Thorsten phpmyfaq | 
Fri, 03 Oct 2025 21:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Fri, 03 Oct 2025 20:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | phpMyFAQ is an open source FAQ web application. Versions 4.0-nightly-2025-10-03 and below do not enforce uniqueness of email addresses during user registration. This allows multiple distinct accounts to be created with the same email. Because email is often used as an identifier for password resets, notifications, and administrative actions, this flaw can cause account ambiguity and, in certain configurations, may lead to privilege escalation or account takeover. This issue is fixed in version 4.0.13. | |
| Title | phpMyFAQ duplicate email registration allows multiple accounts with the same email | |
| Weaknesses | CWE-284 CWE-286 | |
| References |  | |
| Metrics | cvssV3_1 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-10-03T20:45:27.185Z
Reserved: 2025-09-23T14:33:49.505Z
Link: CVE-2025-59943
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-10-03T20:24:03.619Z
 NVD
                        NVD
                    Status : Analyzed
Published: 2025-10-03T21:15:34.757
Modified: 2025-10-10T16:35:13.803
Link: CVE-2025-59943
 Redhat
                        Redhat
                    No data.
 OpenCVE Enrichment
                        OpenCVE Enrichment
                    Updated: 2025-10-06T14:42:10Z