phpmyfaq -- SQL injection, takeover, path disclosure, remote code execution

ID C6B9AEE8-3071-11DA-AF18-000AE4641456
Type freebsd
Reporter FreeBSD
Modified 2005-09-23T00:00:00


If magic quotes are off, there is a SQL injection when sending a forgotten password. It is possible to overwrite the admin password and take over the whole system. Some files in the admin section contain cross-site scripting vulnerabilities. In the public frontend it is possible to include arbitrary PHP files.