WEB APPLICATION VULNERABILITIES Standard & Premium

phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15729)

Description

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.

Remediation

References

Related Vulnerabilities

WebLogic CVE-2020-2884 Vulnerability (CVE-2020-2884)

WordPress Plugin Contact Form for WordPress-Ultimate Form Builder Lite Cross-Site Scripting (1.3.3)

WordPress Plugin Zielke Specialized Catalog Arbitrary File Upload (3.0.7)

WordPress Plugin Stylish Price List Security Bypass (6.8.14)

WordPress Plugin WP Retina 2x Cross-Site Scripting (5.2.0)

Severity

High

Classification

CVE-2017-15729 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities