Description

phpMyFAQ before 2.9.8 does not properly mitigate brute-force attacks that try many passwords in attempted logins quickly.

Remediation

References

CVE-2017-11187

Related Vulnerabilities

Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37148)

WordPress Plugin Nelio AB Testing Server-Side Request Forgery (4.5.10)

WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder Cross-Site Scripting (5.0.06)

Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18623)

WordPress Data Processing Errors Vulnerability (CVE-2014-9034)

Severity

Critical

Classification

CVE-2017-11187 CWE-307 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities