Description

SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote attackers to add FAQ records to the database via the username field in forum messages.

Remediation

References

CVE-2005-0702

Related Vulnerabilities

WordPress Plugin Featured Posts by BestWebSoft Cross-Site Scripting (1.0.0)

Jboss EAP Other Vulnerability (CVE-2020-1710)

WordPress Plugin WP Inventory Manager Cross-Site Scripting (1.7.8)

TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-5743)

Moodle Improper Access Control Vulnerability (CVE-2016-8643)

Severity

Medium

Classification

CVE-2005-0702

Tags

Missing Update Known Vulnerabilities