5 matches found
The vulnerability of the FAQ Management System’s /endpoint/delete-faq.php script allows a hacker to execute arbitrary SQL queries against the database.
The vulnerability of the Add FAQ component of the management system’s FAQ module often stems from the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary SQL queries against the database remotely...
FAQ Management System SQL Injection Vulnerability
FAQ Management System is a Frequently Asked Questions Management System by Remy Andrade Personal Developer. A SQL injection vulnerability exists in version 1.0 of the FAQ Management System, which stems from the parameter faq in the file /endpoint/delete-faq.php, which can lead to SQL injection...
PT-2024-18694 · Sourcecodester · Sourcecodester Loan Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester FAQ Management System version 1.0 Description: A critical issue has been found in the system, affecting an unknown function of the file /endpoint/delete-faq.php. The manipulation of the faq argument leads to sql injection,...
CVE-2007-6633
Multiple cross-site scripting XSS vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to inject arbitrary web script or HTML via 1 the catname parameter to faq.php; and unspecified parameters to the 2 add categories, 3 edit categories, 4 delete categories, 5 add faq...
CVE-2007-6633
Multiple cross-site scripting XSS vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to inject arbitrary web script or HTML via 1 the catname parameter to faq.php; and unspecified parameters to the 2 add categories, 3 edit categories, 4 delete categories, 5 add faq...