EUVD-2005-3938

Malware in sbrugna...

SourceCodester FAQ Management System 安全漏洞

SourceCodester FAQ Management System is an open source question and answer management system from SourceCodester. A security vulnerability exists in version 1.0 of the SourceCodester FAQ Management System, which stems from the update-faq.php endpoint that does not clean up the question and answer...

CVE-2024-27719

A cross site scripting XSS vulnerability in rems FAQ Management System v.1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the Frequently Asked Question field in the Add FAQ function...

phpMyFAQ Access Control Error Vulnerability

phpMyFAQ is a multi-language, fully database-driven FAQ system. An access control error vulnerability exists in versions prior to phpMyFAQ 3.2.2, which stems from the presence of insufficient session expiration. An attacker can exploit this vulnerability to still use old sessions...

phpMyFAQ has an unspecified vulnerability (CNVD-2023-09634)

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.11 contain a security vulnerability that stems from an uncaught exception. No detailed vulnerability details are currently available...

phpMyFAQ code injection vulnerability

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.11 contain a code injection vulnerability that stems from code injection. No detailed vulnerability details are currently available...

phpMyFAQ command injection vulnerability

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.11 contain a command injection vulnerability, which stems from command injection. No detailed vulnerability details are currently available...

phpMyFAQ cross-site scripting vulnerability (CNVD-2023-04313)

phpMyFAQ is a multi-language, fully database-driven FAQ system. A cross-site scripting vulnerability exists in versions prior to phpMyFAQ 3.1.10, which stems from the presence of stored cross-site scripting XSS. No details of the vulnerability are provided at this time...

phpMyFAQ Cross-Site Scripting Vulnerability (CNVD-2023-04316)

phpMyFAQ is a multilingual, fully database-driven FAQ system by Thorsten Rinne, a personal developer. phpMyFAQ versions prior to 3.1.10 are vulnerable to a cross-site scripting vulnerability that stems from the presence of stored cross-site scripting XSS. No detailed vulnerability details are...

phpMyFAQ Cross-Site Scripting Vulnerability (CNVD-2023-04317)

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.10 are vulnerable to a cross-site scripting vulnerability that stems from the presence of stored cross-site scripting XSS. No detailed vulnerability details are currently available...

phpMyFAQ authorization issue vulnerability

phpMyFAQ is a multilingual, fully database-driven FAQ system. phpMyFAQ versions prior to 3.1.10 are vulnerable to an authorization issue that stems from incorrect authentication. No detailed second floor details are currently available...

FAQ System 1.1 viewFAQ.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15640/info FAQ System is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...

FAQ System 1.1 index.php CATEGORY_ID Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15640/info FAQ System is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...

CVE-2005-3943

Multiple SQL injection vulnerabilities in ilyav FAQ System 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 FAQID and 2 action parameters in a viewFAQ.php; and 3 CATEGORYID parameter in b index.php...

CVE-2005-3943

CVE-2005-3943 affects ilyav FAQ System v1.1 and earlier, with multiple SQL injection vulnerabilities. The flaws allow remote attackers to inject SQL via (1) FAQ_ID and (2) action in viewFAQ.php, and (3) CATEGORY_ID in index.php. NVD lists a CVSSv2 base score of 7.5 (HIGH) with network access, low...

CVE-2005-3943

Multiple SQL injection vulnerabilities in ilyav FAQ System 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 FAQID and 2 action parameters in a viewFAQ.php; and 3 CATEGORYID parameter in b index.php...

FAQ System 1.1 - viewFAQ.php Multiple SQL Injections

FAQ System 1.1 - viewFAQ.php Multiple SQL Injections source: https://www.securityfocus.com/bid/15640/info FAQ System is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query...

FAQ System 1.1 - index.php?category_id SQL Injection

FAQ System 1.1 - index.php?categoryid SQL Injection source: https://www.securityfocus.com/bid/15640/info FAQ System is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query...

FAQ System 1.1 - 'index.php?category_id' SQL Injection

source: https://www.securityfocus.com/bid/15640/info FAQ System is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise o...

FAQ System 1.1 - 'viewFAQ.php' Multiple SQL Injections

source: https://www.securityfocus.com/bid/15640/info FAQ System is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise o...