CVE-2017-15733

HIGH

Phpmyfaq < 2.9.8 - CSRF

Title source: rule

In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/ajax.attachment.php and admin/att.main.php.

Core 1

Core References

Patch, Third Party Advisory x_refsource_confirm

CVSS v3 8.8

EPSS 0.0013

EPSS Percentile 32.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-352

Status published

Products (1)

phpmyfaq/phpmyfaq < 2.9.8

Published Oct 22, 2017

Tracked Since Feb 18, 2026