CVE-2017-15733
- Source
- https://cve.org/CVERecord?id=CVE-2017-15733
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-15733.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-15733
- Published
- 2017-10-22T18:29:00.527Z
- Modified
- 2025-11-14T05:06:07.796705Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/ajax.attachment.php and admin/att.main.php.
- References
Affected packages
Git / github.com/thorsten/phpmyfaq
Affected ranges
- Type
- GIT
- Repo
- https://github.com/thorsten/phpmyfaq
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
2.*
2.5.2
2.5.3
2.5.4
2.5.5
2.5.6
2.5.7
2.6.0
2.6.0-RC
2.6.0-alpha
2.6.0-beta
2.6.1
2.6.10
2.6.11
2.6.12
2.6.13
2.6.14
2.6.15
2.6.16
2.6.17
2.6.2
2.6.3
2.6.4
2.6.5
2.6.6
2.6.7
2.6.8
2.6.9
2.7.0
2.7.0-RC
2.7.0-alpha
2.7.0-alpha2
2.7.0-beta
2.7.0-beta2
2.7.0-beta3
2.7.1
2.7.2
2.7.3
2.7.4
2.7.5
2.7.6
2.7.7
2.7.8
2.7.9
2.8.0
2.8.0-RC
2.8.0-RC2
2.8.0-RC3
2.8.0-RC4
2.8.0-alpha
2.8.0-alpha2
2.8.0-alpha3
2.8.0-beta
2.8.0-beta2
2.8.0-beta3
2.8.1
2.8.10
2.8.11
2.8.12
2.8.13
2.8.14
2.8.15
2.8.16
2.8.17
2.8.18
2.8.19
2.8.2
2.8.20
2.8.21
2.8.22
2.8.23
2.8.24
2.8.25
2.8.26
2.8.27
2.8.28
2.8.29
2.8.3
2.8.4
2.8.5
2.8.6
2.8.7
2.8.8
2.8.9
2.9.0
2.9.0-RC
2.9.0-RC2
2.9.0-RC3
2.9.0-RC4
2.9.0-alpha
2.9.0-alpha2
2.9.0-alpha3
2.9.0-alpha4
2.9.0-beta
2.9.0-beta2
2.9.1
2.9.2
2.9.3
2.9.4
2.9.5
2.9.6
2.9.7
2.9.8