CVE-2014-0813

Cross-site request forgery (CSRF) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to hijack the authentication of arbitrary users for requests that modify settings.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
jpcertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
phpmyfaqphpmyfaq
𝑥
≤ 2.8.5
phpmyfaqphpmyfaq
1.0
phpmyfaqphpmyfaq
1.0.1
phpmyfaqphpmyfaq
1.0.1a:a
phpmyfaqphpmyfaq
1.1.0
phpmyfaqphpmyfaq
1.1.1
phpmyfaqphpmyfaq
1.1.2
phpmyfaqphpmyfaq
1.1.3
phpmyfaqphpmyfaq
1.1.4
phpmyfaqphpmyfaq
1.1.4a:a
phpmyfaqphpmyfaq
1.1.5
phpmyfaqphpmyfaq
1.2.0
phpmyfaqphpmyfaq
1.2.1
phpmyfaqphpmyfaq
1.2.2
phpmyfaqphpmyfaq
1.2.3
phpmyfaqphpmyfaq
1.2.4
phpmyfaqphpmyfaq
1.2.5
phpmyfaqphpmyfaq
1.2.5a:a
phpmyfaqphpmyfaq
1.2.5b:b
phpmyfaqphpmyfaq
1.3.0
phpmyfaqphpmyfaq
1.3.1
phpmyfaqphpmyfaq
1.3.2
phpmyfaqphpmyfaq
1.3.3
phpmyfaqphpmyfaq
1.3.4
phpmyfaqphpmyfaq
1.3.5
phpmyfaqphpmyfaq
1.3.6
phpmyfaqphpmyfaq
1.3.7
phpmyfaqphpmyfaq
1.3.8
phpmyfaqphpmyfaq
1.3.9
phpmyfaqphpmyfaq
1.3.9:pl1
phpmyfaqphpmyfaq
1.3.10
phpmyfaqphpmyfaq
1.3.11
phpmyfaqphpmyfaq
1.3.12
phpmyfaqphpmyfaq
1.3.13
phpmyfaqphpmyfaq
1.3.14
phpmyfaqphpmyfaq
1.4
phpmyfaqphpmyfaq
1.4:alpha1
phpmyfaqphpmyfaq
1.4:alpha2
phpmyfaqphpmyfaq
1.4.0
phpmyfaqphpmyfaq
1.4.0a:a
phpmyfaqphpmyfaq
1.4.1
phpmyfaqphpmyfaq
1.4.2
phpmyfaqphpmyfaq
1.4.3
phpmyfaqphpmyfaq
1.4.4
phpmyfaqphpmyfaq
1.4.5
phpmyfaqphpmyfaq
1.4.6
phpmyfaqphpmyfaq
1.4.7
phpmyfaqphpmyfaq
1.4.8
phpmyfaqphpmyfaq
1.4.9
phpmyfaqphpmyfaq
1.4.10
phpmyfaqphpmyfaq
1.4.11
phpmyfaqphpmyfaq
1.5
phpmyfaqphpmyfaq
1.5:alpha1
phpmyfaqphpmyfaq
1.5:alpha2
phpmyfaqphpmyfaq
1.5:beta1
phpmyfaqphpmyfaq
1.5:beta2
phpmyfaqphpmyfaq
1.5:beta3
phpmyfaqphpmyfaq
1.5:rc1
phpmyfaqphpmyfaq
1.5:rc2
phpmyfaqphpmyfaq
1.5:rc3
phpmyfaqphpmyfaq
1.5:rc4
phpmyfaqphpmyfaq
1.5:rc5
phpmyfaqphpmyfaq
1.5.0
phpmyfaqphpmyfaq
1.5.1
phpmyfaqphpmyfaq
1.5.2
phpmyfaqphpmyfaq
1.5.3
phpmyfaqphpmyfaq
1.5.4
phpmyfaqphpmyfaq
1.5.5
phpmyfaqphpmyfaq
1.5.6
phpmyfaqphpmyfaq
1.5.7
phpmyfaqphpmyfaq
1.5.8
phpmyfaqphpmyfaq
1.5.9
phpmyfaqphpmyfaq
1.6.0
phpmyfaqphpmyfaq
1.6.1
phpmyfaqphpmyfaq
1.6.2
phpmyfaqphpmyfaq
1.6.3
phpmyfaqphpmyfaq
1.6.4
phpmyfaqphpmyfaq
1.6.5
phpmyfaqphpmyfaq
1.6.6
phpmyfaqphpmyfaq
1.6.7
phpmyfaqphpmyfaq
1.6.8
phpmyfaqphpmyfaq
1.6.9
phpmyfaqphpmyfaq
1.6.10
phpmyfaqphpmyfaq
1.6.11
phpmyfaqphpmyfaq
1.6.12
phpmyfaqphpmyfaq
2.0.0
phpmyfaqphpmyfaq
2.0.1
phpmyfaqphpmyfaq
2.0.2
phpmyfaqphpmyfaq
2.0.3
phpmyfaqphpmyfaq
2.0.4
phpmyfaqphpmyfaq
2.0.5
phpmyfaqphpmyfaq
2.0.6
phpmyfaqphpmyfaq
2.0.7
phpmyfaqphpmyfaq
2.0.8
phpmyfaqphpmyfaq
2.0.9
phpmyfaqphpmyfaq
2.0.10
phpmyfaqphpmyfaq
2.0.11
phpmyfaqphpmyfaq
2.0.12
phpmyfaqphpmyfaq
2.0.13
phpmyfaqphpmyfaq
2.0.14
phpmyfaqphpmyfaq
2.0.15
phpmyfaqphpmyfaq
2.0.16
phpmyfaqphpmyfaq
2.0.17
phpmyfaqphpmyfaq
2.5.0
phpmyfaqphpmyfaq
2.5.1
phpmyfaqphpmyfaq
2.5.2
phpmyfaqphpmyfaq
2.5.3
phpmyfaqphpmyfaq
2.5.4
phpmyfaqphpmyfaq
2.5.5
phpmyfaqphpmyfaq
2.5.6
phpmyfaqphpmyfaq
2.5.7
phpmyfaqphpmyfaq
2.6.0
phpmyfaqphpmyfaq
2.6.1
phpmyfaqphpmyfaq
2.6.2
phpmyfaqphpmyfaq
2.6.3
phpmyfaqphpmyfaq
2.6.4
phpmyfaqphpmyfaq
2.6.5
phpmyfaqphpmyfaq
2.6.6
phpmyfaqphpmyfaq
2.6.7
phpmyfaqphpmyfaq
2.6.8
phpmyfaqphpmyfaq
2.6.9
phpmyfaqphpmyfaq
2.6.10
phpmyfaqphpmyfaq
2.6.11
phpmyfaqphpmyfaq
2.6.12
phpmyfaqphpmyfaq
2.6.13
phpmyfaqphpmyfaq
2.6.14
phpmyfaqphpmyfaq
2.6.15
phpmyfaqphpmyfaq
2.6.16
phpmyfaqphpmyfaq
2.6.17
phpmyfaqphpmyfaq
2.6.18
phpmyfaqphpmyfaq
2.7.0
phpmyfaqphpmyfaq
2.7.1
phpmyfaqphpmyfaq
2.7.2
phpmyfaqphpmyfaq
2.7.3
phpmyfaqphpmyfaq
2.7.4
phpmyfaqphpmyfaq
2.7.5
phpmyfaqphpmyfaq
2.7.6
phpmyfaqphpmyfaq
2.7.7
phpmyfaqphpmyfaq
2.7.8
phpmyfaqphpmyfaq
2.7.9
phpmyfaqphpmyfaq
2.8.0
phpmyfaqphpmyfaq
2.8.1
phpmyfaqphpmyfaq
2.8.2
phpmyfaqphpmyfaq
2.8.3
phpmyfaqphpmyfaq
2.8.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://jvn.jp/en/jp/JVN50943964/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000016
http://osvdb.org/102939
http://secunia.com/advisories/56006
http://www.phpmyfaq.de/advisory_2014-02-04.php
http://www.securityfocus.com/bid/65368
https://exchange.xforce.ibmcloud.com/vulnerabilities/90963
http://jvn.jp/en/jp/JVN50943964/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000016
http://osvdb.org/102939
http://secunia.com/advisories/56006
http://www.phpmyfaq.de/advisory_2014-02-04.php
http://www.securityfocus.com/bid/65368
https://exchange.xforce.ibmcloud.com/vulnerabilities/90963