Description
SQL injection vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the userfile or filename parameter.
Remediation
References
Related Vulnerabilities
PHP Improper Input Validation Vulnerability (CVE-2007-4840)
WebLogic CVE-2022-21557 Vulnerability (CVE-2022-21557)
Django Improper Input Validation Vulnerability (CVE-2015-5144)
WordPress Plugin WP Custom Fields Search Cross-Site Scripting (1.2.34)
WordPress Plugin Mailing List 'dl.php' Arbitrary File Download (1.4.1)