Brute-Force Vulnerability in phpMyFAQ by phpMyFAQ Team
CVE-2017-11187

9.8CRITICAL

Key Information:

Vendor: pHPMyFAQ
Status: pHPMyFAQ
Vendor: CVE Published:; 12 July 2017

What is CVE-2017-11187?

The vulnerability in phpMyFAQ prior to version 2.9.8 allows attackers to conduct brute-force attacks, rapidly attempting multiple passwords in quick succession during the login process. This weakness compromises the security of user accounts and requires immediate attention to mitigate potential unauthorized access.

References

http://www.phpmyfaq.de/security/advisory-2017-07-12

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 12, 2017

JSON

pHPMyFAQ

What is CVE-2017-11187?

References

CVSS V3.1

Timeline