WEB APPLICATION VULNERABILITIES Standard & Premium

phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15729)

Description

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.

Remediation

References

Related Vulnerabilities

Apache version older than 1.3.27

WordPress Plugin Visitors Cross-Site Scripting (0.3)

WordPress Plugin WP Easy full backup Information Disclosure (1.4)

WordPress Plugin WP REST API (WP API) Security Bypass (1.2.1)

Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4249)

Severity

High

Classification

CVE-2017-15729 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities