CVE-2014-0813

Cross-site request forgery (CSRF) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to hijack the authentication of arbitrary users for requests that modify settings.

🔗 References (14)

• vultures@jpcerthttp://jvn.jp/en/jp/JVN50943964/index.html
• vultures@jpcerthttp://jvndb.jvn.jp/jvndb/JVNDB-2014-000016
• vultures@jpcerthttp://osvdb.org/102939
• vultures@jpcerthttp://secunia.com/advisories/56006
• vultures@jpcerthttp://www.phpmyfaq.de/advisory_2014-02-04.php
• vultures@jpcerthttp://www.securityfocus.com/bid/65368
• vultures@jpcerthttps://exchange.xforce.ibmcloud.com/vulnerabilities/90963
• af854a3a-2127-422b-91ae-364da2661108http://jvn.jp/en/jp/JVN50943964/index.html
• af854a3a-2127-422b-91ae-364da2661108http://jvndb.jvn.jp/jvndb/JVNDB-2014-000016
• af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/102939
• af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/56006
• af854a3a-2127-422b-91ae-364da2661108http://www.phpmyfaq.de/advisory_2014-02-04.php
• af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/65368
• af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/90963