Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15808)

Description

In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.

Remediation

References

Related Vulnerabilities

WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login Multiple Vulnerabilities (4.6.0.3)

WordPress Plugin School Management System-WPSchoolPress Multiple Cross-Site Scripting Vulnerabilities (2.1.16)

Oracle Database Server CVE-2008-0342 Vulnerability (CVE-2008-0342)

Sqlite Use After Free Vulnerability (CVE-2024-0232)

Oracle HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2022-22720)

Severity

High

Classification

CVE-2017-15808 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities