CVE-2014-0813

CVE-2014-0813

EPSS 1.1%

Cross-site request forgery (CSRF) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to hijack the authentication of arbitrary users for requests that modify settings.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000016 http://jvn.jp/en/jp/JVN50943964/index.html http://osvdb.org/102939 http://secunia.com/advisories/56006 https://exchange.xforce.ibmcloud.com/vulnerabilities/90963 http://www.phpmyfaq.de/advisory_2014-02-04.php http://www.securityfocus.com/bid/65368