2 matches found
phpMyFAQ < 1.6.8 Multiple SQL Injection Vulnerabilities
The version of phpMyFAQ on the remote host does not properly validate input to the 'uin' parameter of several scripts before using it in database queries. An unauthenticated, remote attacker may be able to leverage these issues to launch SQL injection attacks against the affected application, eve...
CVE-2006-6913
CVE-2006-6913 affects phpMyFAQ 1.6.7 and earlier. An unspecified vulnerability allows remote attackers to upload arbitrary PHP scripts via unspecified vectors. Multiple reports reference this entry and describe the ability to upload executable files, but the exact vectors, affected components, an...