Lucene search

8 matches found

Packet Storm
added 2005/06/21 12:0 a.m. | 29 views

paFaq10beta4.txt

GulfTech Security Research
June 20th, 2005
Vendor: php Arena
URL: http://www.phparena.net/pafaq.php
Version: paFAQ 1.0 Beta 4
Risk: Multiple Vulnerabilities
Description: paFAQ is a FAQ/Knowledge base system that allows webmasters to keep an organized database of Frequently Asked Questions; a...

AI score 7.4
Exploits 0
CVE
added 2005/06/20 4:0 a.m. | 49 views

CVE-2005-2013

The CVE-2005-2013 entry concerns paFAQ 1.0 Beta 4, a PHP/MySQL web application. The described vulnerability allows remote attackers to access admin/backup.php directly, which contains a backup of the database including usernames and passwords. This exposure could reveal administrator credentials ...

CVSS 5 | AI score 6.2 | EPSS 0.0134
Exploits 1 | References 2 | Affected Software 1
CVE
added 2005/06/20 4:0 a.m. | 49 views

CVE-2005-2012

paFAQ 1.0 Beta 4 is affected by multiple SQL injection vulnerabilities in the login flow, allowing remote attackers to bypass authentication by manipulating the (1) username or (2) id parameters. The Nessus plugin and CVE records corroborate that the remote PHP/MySQL application is vulnerable to ...

CVSS 7.5 | AI score 8.8 | EPSS 0.01186
Exploits 1 | References 2 | Affected Software 1
Cvelist
added 2005/06/20 4:0 a.m. | 20 views

CVE-2005-2011

Multiple cross-site scripting (XSS) vulnerabilities in paFAQ 1.0 Beta 4 allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the id parameter in a Question action...

AI score 5.9 | EPSS 0.01421
Exploits 1 | References 2
Cvelist
added 2005/06/20 4:0 a.m. | 16 views

CVE-2005-2012

Multiple SQL injection vulnerabilities in login in paFAQ 1.0 Beta 4 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) id parameters...

AI score 8.8 | EPSS 0.01186
Exploits 1 | References 2
NVD
added 2005/06/20 4:0 a.m. | 13 views

CVE-2005-2013

paFAQ 1.0 Beta 4 allows remote attackers to obtain sensitive information via a direct request to admin/backup.php, which contains a backup of the database including usernames and passwords...

CVSS 5 | AI score 6.2 | EPSS 0.0134
Exploits 1 | References 2
NVD
added 2005/06/20 4:0 a.m. | 14 views

CVE-2005-2012

Multiple SQL injection vulnerabilities in login in paFAQ 1.0 Beta 4 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) id parameters...

CVSS 7.5 | AI score 8.8 | EPSS 0.01186
Exploits 1 | References 2
NVD
added 2005/06/20 4:0 a.m. | 13 views

CVE-2005-2014

The "upload a language pack" feature in paFAQ 1.0 Beta 4 allows remote authenticated administrators to execute arbitrary PHP commands by uploading a malicious language pack...

CVSS 4.6 | AI score 7.3 | EPSS 0.00653
Exploits 0 | References 2