phpmyfaq is vulnerable to cross-site request forgery (CSRF) attacks. The application does not implement any CSRF protections in the phpmyfaq/admin/stat.ratings.php
file, allowing a malicious user to send an unauthorized request to modify the information presented.
CPE | Name | Operator | Version |
---|---|---|---|
phpmyfaq/phpmyfaq | le | 2.9.8 | |
thorsten/phpmyfaq | le | 2.9.8 |