Description
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/ajax.attachment.php and admin/att.main.php.
Remediation
References
Related Vulnerabilities
SharePoint CVE-2017-0281 Vulnerability (CVE-2017-0281)
Oracle Database Server CVE-2007-5504 Vulnerability (CVE-2007-5504)
Joomla! Core 3.x.x Arbitrary File Upload (3.0.0 - 3.1.4)
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-1285)
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-12629)