Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDC6B9AEE8-3071-11DA-AF18-000AE4641456
HistorySep 23, 2005 - 12:00 a.m.

phpmyfaq -- SQL injection, takeover, path disclosure, remote code execution

2005-09-2300:00:00
vuxml.freebsd.org
17

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.9%

JSON

If magic quotes are off there’s a SQL injection when
sending a forgotten password. It’s possible to overwrite
the admin password and to take over the whole system. In
some files in the admin section there are some cross site
scripting vulnerabilities. In the public frontend it’s
possible to include arbitrary php files.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchphpmyfaq< 1.5.2UNKNOWN

Related

nessus 2
openvas 2
cve 5
nessus
nessus
FreeBSD : phpmyfaq -- SQL injection, takeover, path disclosure, remote code execution (c6b9aee8-3071-11da-af18-000ae4641456)
2006-05-13 00:00:00
phpMyFAQ < 1.5.2 Multiple Vulnerabilities
2005-09-26 00:00:00
openvas
openvas
FreeBSD Ports: phpmyfaq
2008-09-04 00:00:00
FreeBSD Ports: phpmyfaq
2008-09-04 00:00:00
cve
cve
CVE-2005-3046
2005-09-24 00:03:00
CVE-2005-3047
2005-09-24 00:03:00
CVE-2005-3049
2005-09-24 00:03:00

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.9%

JSON
Related for C6B9AEE8-3071-11DA-AF18-000AE4641456
nessus2openvas2cve5