CVE-2007-6634

2008-01-0400:00:00

mitre

www.cve.org

8.6 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

51.0%

JSON

Multiple SQL injection vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to execute arbitrary SQL commands via the category_id parameter to faq.php, and unspecified other vectors involving additional scripts.

References

lists.grok.org.uk/pipermail/full-disclosure/2007-December/059318.html

osvdb.org/39665

secunia.com/advisories/28248

www.securityfocus.com/archive/1/485589/100/0/threaded

www.securityfocus.com/bid/27052

exchange.xforce.ibmcloud.com/vulnerabilities/39286