CVE-2014-0813

Severity CVSS v4.0:
Pending analysis
Type:
CWE-352 Cross-Site Request Forgery (CSRF)
Publication date:
14/02/2014
Last modified:
11/04/2025

Description

Cross-site request forgery (CSRF) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to hijack the authentication of arbitrary users for requests that modify settings.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:phpmyfaq:phpmyfaq:*:*:*:*:*:*:*:* 2.8.5 (including)
cpe:2.3:a:phpmyfaq:phpmyfaq:1.0:*:*:*:*:*:*:*
cpe:2.3:a:phpmyfaq:phpmyfaq:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:phpmyfaq:phpmyfaq:1.0.1a:*:*:*:*:*:*:*
cpe:2.3:a:phpmyfaq:phpmyfaq:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:phpmyfaq:phpmyfaq:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:phpmyfaq:phpmyfaq:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:phpmyfaq:phpmyfaq:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:phpmyfaq:phpmyfaq:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:phpmyfaq:phpmyfaq:1.1.4a:*:*:*:*:*:*:*
cpe:2.3:a:phpmyfaq:phpmyfaq:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:phpmyfaq:phpmyfaq:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:phpmyfaq:phpmyfaq:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:phpmyfaq:phpmyfaq:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:phpmyfaq:phpmyfaq:1.2.3:*:*:*:*:*:*:*