# Exploit Title: phpMyFaq 2.9.8 - Cross Site Request Forgery (CSRF) # Date: 2025-11-25 # Exploit Author: CodeSecLab # Vendor Homepage: https://github.com/thorsten/phpMyFAQ/ # Software Link: https://github.com/thorsten/phpMyFAQ/ # Version: 2.9.8 # Tested on: Windows 10 # CVE : CVE-2017-15808 PoC: Steps to Reproduce: 1. Save the following code as poc.html. 2. Log in phpmyfaq, and open the file in the same browser. 3. The outcome will occur.