EUVD-2005-2562

Malware in sbrugna...

thorsten/phpmyfaq Unintended File Download Triggered by Embedded Frames

Summary A vulnerability exists in the FAQ Record component where a privileged attacker can trigger a file download on a victim's machine upon page visit by embedding it in an element without user interaction or explicit consent. Details In...

CVE-2005-2561

MYFAQ 1.0 contains multiple SQL injection vulnerabilities reachable via the Theme, SousTheme, Faq, and question parameters across several PHP pages (affichagefaq.php3, choixsoustheme.php3, consultation.php3, insfaq.php3, inssoustheme.php3, instheme.php3, saisiefaqtotale.php3, saisiesoustheme.php3...

CVE-2005-2561

Multiple SQL injection vulnerabilities in MYFAQ 1.0 allow remote attackers to execute arbitrary SQL commands via the Theme parameter to 1 affichagefaq.php3, 2 choixsoustheme.php3, 3 consultation.php3, 4 insfaq.php3, 5 inssoustheme.php3, 6 instheme.php3, 7 saisiefaqtotale.php3, 8...

CVE-2005-2561

Multiple SQL injection vulnerabilities in MYFAQ 1.0 allow remote attackers to execute arbitrary SQL commands via the Theme parameter to 1 affichagefaq.php3, 2 choixsoustheme.php3, 3 consultation.php3, 4 insfaq.php3, 5 inssoustheme.php3, 6 instheme.php3, 7 saisiefaqtotale.php3, 8...

[SVadvisory#13] - SQL injection in MYFAQ 1.0

SVadvisory13 title: SQL injection product: MYFAQ version: V1.0 site: http://vpontier.free.fr/ ===================================================================================== Vulnerability ============== 1 affichagefaq.php3 Code: -------------------------- ?php .... $Requete = "SELECT LIBELL...