EUVD-2006-2881

Malware in sbrugna...

Free FAQ 1.0 Index.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20621/info Free Faq is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script...

Kmita FAQ 1.0 index.php catid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/18282/info Kmita FAQ is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly...

WordPress IndiaNIC FAQS Manager 1.0 SQL Injection

Exploit Title: WordPress IndiaNIC FAQ 1.0 Plugin Blind SQL Injection Google Dork: inurl:wp-content/plugins/faqs-manager Date: 21.03.2013 Exploit Author: m3tamantra http://m3tamantra.wordpress.com/blog Vendor Homepage: http://wordpress.org/extend/plugins/faqs-manager/ Software Link:...

Free FAQ 1.0 - index.php Remote File Inclusion

Free FAQ 1.0 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/20621/info Free Faq is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary...

CVE-2006-4008

The CVE-2006-4008 entry concerns Knusperleicht Faq 1.0, where a PHP remote file inclusion flaw allows an attacker to cause arbitrary PHP code execution via a URL supplied in the faq_path parameter. This describes a network-accessible vulnerability in index.php that can be triggered by crafting th...

Sql injection

SQL injection vulnerability in index.php in Kmita FAQ 1.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter...

CVE-2006-2884

SQL injection vulnerability in index.php in Kmita FAQ 1.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter...

CVE-2006-2883

CVE-2006-2883 concerns a cross-site scripting (XSS) vulnerability in Kmita FAQ 1.0’s search.php. The issue allows remote attackers to inject arbitrary web script or HTML via the q parameter. The vulnerability affects the search function and is documented with a CVSS 2.0 base score of 4.3 (Medium)...

CVE-2006-2883

Cross-site scripting XSS vulnerability in search.php in Kmita FAQ 1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter...

Kmita FAQ 1.0 - index.php?catid SQL Injection

Kmita FAQ 1.0 - index.php?catid SQL Injection source: https://www.securityfocus.com/bid/18282/info Kmita FAQ is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to...