3 matches found
The vulnerability of the insertentry/saveentry function in the phpMyFAQ web application allows a hacker to gain unauthorized access to the application.
The vulnerability of the insertentry/saveentry function in the phpMyFAQ web application is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to the application...
GHSA-2GRW-MC9R-822R phpMyFAQ SQL injections at insertentry & saveentry
Summary A SQL injection vulnerability has been discovered in the insertentry & saveentry when modifying records due to improper escaping of the email address. This allows any authenticated user with the rights to add/edit FAQ news to exploit this vulnerability to exfiltrate data, take over accoun...
CVE-2024-28107 phpMyFAQ SQL injections at insertentry & saveentry
phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. A SQL injection vulnerability has been discovered in the insertentry & saveentry when modifying records due to improper escaping of the email address. This allows any authenticated user with the...