EPSS
Percentile
31.7%
phpmyfaq is vulnerable to cross-site request forgery (CSRF). The library fails to implement any CSRF protection in the phpmyfaq/admin/ajax.config.php file, allowing a malicious user to send a request to create or delete a phpmyfaq instance.
phpmyfaq/admin/ajax.config.php
github.com/thorsten/phpMyFAQ/commit/a249b4645fb86f6a9fbe5d2344ab1cbdb906b75c