Description
SQL injection vulnerability in phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via vectors involving the restore function.
Remediation
References
Related Vulnerabilities
WordPress Plugin Allopass for WP Cross-Site Scripting (1.0.7)
WordPress Plugin Ultimate WP Query Search Filter Cross-Site Scripting (1.0.10)
WordPress Plugin Our Team Showcase Cross-Site Request Forgery (1.2)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-1686)