CSRF Vulnerability in phpMyFAQ Affects User Authentication
CVE-2014-0813

Currently unrated

Key Information:

Vendor: pHPMyFAQ
Status: pHPMyFAQ
Vendor: CVE Published:; 14 February 2014

What is CVE-2014-0813?

A Cross-site Request Forgery (CSRF) vulnerability exists in phpMyFAQ prior to version 2.8.6, allowing remote attackers to exploit this flaw to hijack user authentication. This manipulation enables unauthorized changes to user settings without proper consent. It poses a significant security risk by potentially allowing attackers to execute unwanted actions on behalf of authenticated users, compromising the integrity and privacy of user accounts.

References

http://jvn.jp/en/jp/JVN50943964/index.html

third-party-advisoryx_refsource_JVN

http://osvdb.org/102939

vdb-entryx_refsource_OSVDB

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000016

third-party-advisoryx_refsource_JVNDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 14, 2014
Vulnerability Reserved
Jan 6, 2014

JSON

pHPMyFAQ

What is CVE-2014-0813?

References

Timeline