Description

SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote attackers to add FAQ records to the database via the username field in forum messages.

Remediation

References

CVE-2005-0702

Related Vulnerabilities

Undertow Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2017-7559)

WordPress Plugin PIKLIST-Rapid development framework Cross-Site Scripting (0.9.4.25)

Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.10)

Oracle Database Server CVE-2008-2591 Vulnerability (CVE-2008-2591)

WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.0.226)

Severity

Medium

Classification

CVE-2005-0702

Tags

Missing Update Known Vulnerabilities