Description
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/ajax.attachment.php and admin/att.main.php.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2019-2484 Vulnerability (CVE-2019-2484)
LimeSurvey Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-16177)
phpMyAdmin Improper Input Validation Vulnerability (CVE-2011-2719)
Java Code Execution Vulnerability (CVE-2018-3211)
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-22797)