The vulnerability of the FAQ Management System’s /endpoint/delete-faq.php script allows a hacker to execute arbitrary SQL queries against the database.

The vulnerability of the Add FAQ component of the management system’s FAQ module often stems from the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries against the database remotely...

CVE-2024-27719

A cross site scripting XSS vulnerability in rems FAQ Management System v.1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the Frequently Asked Question field in the Add FAQ function...

CVE-2024-2070

A vulnerability classified as problematic was found in SourceCodester FAQ Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-faq.php. The manipulation of the argument question/answer leads to cross site scripting. The attack can be launched...

FAQ Management System Cross-Site Scripting Vulnerability

FAQ Management System is a frequently asked questions management system by Remy Andrade, an individual developer. A cross-site scripting vulnerability exists in version 1.0 of the FAQ Management System, which stems from the parameter question/answer in the file /endpoint/add-faq.php, which result...

CVE-2007-6633

Multiple cross-site scripting XSS vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to inject arbitrary web script or HTML via 1 the catname parameter to faq.php; and unspecified parameters to the 2 add categories, 3 edit categories, 4 delete categories, 5 add faq...

CVE-2007-6633

Multiple cross-site scripting XSS vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to inject arbitrary web script or HTML via 1 the catname parameter to faq.php; and unspecified parameters to the 2 add categories, 3 edit categories, 4 delete categories, 5 add faq...