Lucene search

K

Veracode Vulnerability DatabaseVERACODE:5306

HistoryOct 23, 2017 - 6:55 a.m.

Cross-site Request Forgery (CSRF)

2017-10-2306:55:39

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7

EPSS

0.001

Percentile

31.7%

phpmyfaq is vulnerable to cross-site request forgery (CSRF) attacks. The application does not have any CSRF protections for the phpmyfaq/admin/stat.adminlog.php file, allowing a malicious user to send a request to delete the admin log.

References

github.com/thorsten/phpMyFAQ/commit/fadb9a70b5f7624a6926b8834d5c6001c210f09c

EPSS

0.001

Percentile

31.7%

Related for VERACODE:5306

nvd1 cve1 prion1 osv1 cvelist1 openvas1