CVE-2014-6046
- EPSS 0.25%
- Published 28.08.2018 17:29:00
- Last modified 21.11.2024 02:13:40
Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyFAQ before 2.8.13 allow remote attackers to hijack the authentication of unspecified users for requests that (1) delete active users by leveraging improper validation of CSRF tokens o...
CVE-2017-15808
- EPSS 0.06%
- Published 23.10.2017 17:29:00
- Last modified 20.04.2025 01:37:25
In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
CVE-2017-15809
- EPSS 0.22%
- Published 23.10.2017 17:29:00
- Last modified 20.04.2025 01:37:25
In phpMyFaq before 2.9.9, there is XSS in admin/tags.main.php via a crafted tag.
CVE-2017-15727
- EPSS 0.18%
- Published 22.10.2017 18:29:00
- Last modified 20.04.2025 01:37:25
In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via an HTML attachment.
CVE-2017-15728
- EPSS 0.24%
- Published 22.10.2017 18:29:00
- Last modified 20.04.2025 01:37:25
In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (XSS) via metaDescription or metaKeywords.
CVE-2017-15729
- EPSS 0.13%
- Published 22.10.2017 18:29:00
- Last modified 20.04.2025 01:37:25
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.
CVE-2017-15730
- EPSS 0.38%
- Published 22.10.2017 18:29:00
- Last modified 20.04.2025 01:37:25
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.
CVE-2017-15731
- EPSS 0.13%
- Published 22.10.2017 18:29:00
- Last modified 20.04.2025 01:37:25
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php.
CVE-2017-15732
- EPSS 0.13%
- Published 22.10.2017 18:29:00
- Last modified 20.04.2025 01:37:25
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
CVE-2017-15733
- EPSS 0.13%
- Published 22.10.2017 18:29:00
- Last modified 20.04.2025 01:37:25
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/ajax.attachment.php and admin/att.main.php.