CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1756 matches found

Prion•added 2017/10/22 6:29 p.m.•15 views

Cross site request forgery (csrf)

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery CSRF in admin/stat.ratings.php...

6.8CVSS8.8AI score0.00362EPSS

Exploits2References2Affected Software1

OSV•added 2017/10/22 6:29 p.m.•14 views

CVE-2017-15734

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery CSRF in admin/stat.main.php...

8.8CVSS7.3AI score

Exploits0References1

NVD•added 2017/10/22 6:29 p.m.•15 views

CVE-2017-15729

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery CSRF for adding a glossary...

8.8CVSS8.9AI score0.00134EPSS

Exploits0References1

Prion•added 2017/10/22 6:29 p.m.•16 views

Cross site request forgery (csrf)

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery CSRF for adding a glossary...

6.8CVSS8.8AI score0.00134EPSS

Exploits0References1Affected Software1

OSV•added 2017/10/22 6:29 p.m.•13 views

CVE-2017-15731

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery CSRF in admin/stat.adminlog.php...

8.8CVSS7.3AI score

Exploits0References1

OSV•added 2017/10/22 6:29 p.m.•16 views

CVE-2017-15735

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery CSRF for modifying a glossary...

8.8CVSS7.3AI score

Exploits0References1

NVD•added 2017/10/22 6:29 p.m.•13 views

CVE-2017-15730

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery CSRF in admin/stat.ratings.php...

8.8CVSS8.8AI score0.00362EPSS

Exploits2References2

OSV•added 2017/10/22 6:29 p.m.•15 views

CVE-2017-15728

In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting XSS via metaDescription or metaKeywords...

4.8CVSS6.2AI score

Exploits0References1

Prion•added 2017/10/22 6:29 p.m.•16 views

Cross site scripting

In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting XSS via metaDescription or metaKeywords...

3.5CVSS4.9AI score0.00235EPSS

Exploits0References1Affected Software1

NVD•added 2017/10/22 6:29 p.m.•12 views

CVE-2017-15731

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery CSRF in admin/stat.adminlog.php...

8.8CVSS8.8AI score0.00134EPSS

Exploits0References1

Prion•added 2017/10/22 6:29 p.m.•11 views

Cross site scripting

In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting XSS via an HTML attachment...

3.5CVSS5.3AI score0.00418EPSS

Exploits1References2Affected Software1

OSV•added 2017/10/22 6:29 p.m.•15 views

CVE-2017-15730

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery CSRF in admin/stat.ratings.php...

8.8CVSS7.3AI score

Exploits0References2

NVD•added 2017/10/22 6:29 p.m.•9 views

CVE-2017-15732

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery CSRF in admin/news.php...

8.8CVSS8.8AI score0.00134EPSS

Exploits0References1

NVD•added 2017/10/22 6:29 p.m.•11 views

CVE-2017-15728

In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting XSS via metaDescription or metaKeywords...

4.8CVSS5AI score0.00235EPSS

Exploits0References1

NVD•added 2017/10/22 6:29 p.m.•11 views

CVE-2017-15735

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery CSRF for modifying a glossary...

8.8CVSS8.9AI score0.00109EPSS

Exploits2References1

OSV•added 2017/10/22 6:29 p.m.•13 views

CVE-2017-15732

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery CSRF in admin/news.php...

8.8CVSS7.3AI score

Exploits0References1

Cvelist•added 2017/10/21 10:0 p.m.•16 views

CVE-2017-15728

In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting XSS via metaDescription or metaKeywords...

5.7AI score0.00235EPSS

Exploits0References1

Cvelist•added 2017/10/21 10:0 p.m.•13 views

CVE-2017-15732

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery CSRF in admin/news.php...

8.9AI score0.00134EPSS

Exploits0References1

CVE•added 2017/10/21 10:0 p.m.•56 views

CVE-2017-15735

CVE-2017-15735 affects phpMyFAQ prior to 2.9.9, with a CSRF vulnerability that allows modification of glossary items. Multiple connected sources document CSRF for glossary updates (including PoC showing a form POST to admin/index.php?action=updateglossary while authenticated). The root cause desc...

8.8CVSS8.8AI score0.00109EPSS

Exploits2References1Affected Software1

CVE•added 2017/10/21 10:0 p.m.•56 views

CVE-2017-15733

The CVE-2017-15733 entry concerns phpMyFAQ prior to version 2.9.9, where CSRF protections are missing for admin/ajax.attachment.php and admin/att.main.php. Several connected sources (NVD/NVD-derived records, Red Hat advisory RH:CVE-2017-15733, CNVD, OSV, and Veracode) corroborate that an attacker...

8.8CVSS8.8AI score0.00134EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by