Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-16650)

Description

phpMyFAQ before 2.9.11 allows CSRF.

Remediation

References

Related Vulnerabilities

Magento Improper Authorization Vulnerability (CVE-2021-28563)

WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login PHP Object Injection (3.7.9.2)

WebLogic CVE-2018-1313 Vulnerability (CVE-2018-1313)

Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-10910)

WordPress Plugin Dokan-Best WooCommerce Multivendor Marketplace Solution-Build Your Own Amazon, eBay, Etsy Cross-Site Request Forgery (3.0.8)

Severity

High

Classification

CVE-2018-16650 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities