1756 matches found
CVE-2004-2257
phpMyFAQ 1.4.0 allows remote attackers to access the Image Manager to upload or delete images without authorization via a direct request...
CVE-2004-2255
Directory traversal vulnerability in phpMyFAQ 1.3.12 allows remote attackers to read arbitrary files, and possibly execute local PHP files, via the action variable, which is used as part of a template filename...
[SA15810] phpMyFAQ XML-RPC PHP Code Execution Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
CVE-2005-0702
SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote attackers to add FAQ records to the database via the username field in forum messages...
CVE-2005-0702
The CVE-2005-0702 entry documents a SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 caused by insufficient sanitization of the username field in forum messages, enabling remote attackers to add FAQ records to the database. The underlying issue is that user input is used in SQL queries without...
phpMyFAQ Forum Message username Field SQL Injection
The remote host is running a version of phpMyFAQ that fails to sufficiently sanitize the 'username' parameter before using it in SQL queries. As a result, a remote attacker can pass malicious input to database queries, potentially resulting in data exposure, data modification, or attacks against...
[SA14516] phpMyFaq "username" SQL Injection Vulnerability
---------------------------------------------------------------------- Monitor, Filter, and Manage Security Information - Filtering and Management of Secunia advisories - Overview, documentation, and detailed reports - Alerting via email and SMS Request Trial: https://ca.secunia.com/?f=l...
phpMyFAQ Detection
The remote host is running phpMyFAQ, a multi-lingual database-driven FAQ system using PHP and MySQL. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17297; scriptversion"1.18"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01";...
CVE-2005-0702
SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote attackers to add FAQ records to the database via the username field in forum messages...
phpMyFAQ < 1.6.0 SQL Injection (deprecated)
Binary data 2675.prm...
CVE-2004-2256
Directory traversal vulnerability in phpMyFAQ 1.4.0 alpha allows remote attackers to read arbitrary files, and possibly execute local PHP files, via .. sequences in the lang language variable...
CVE-2004-2255
Directory traversal vulnerability in phpMyFAQ 1.3.12 allows remote attackers to read arbitrary files, and possibly execute local PHP files, via the action variable, which is used as part of a template filename...
PT-2004-3152 · Phpmyfaq · Phpmyfaq
Name of the Vulnerable Software and Affected Versions: phpMyFAQ version 1.4.0 Description: The issue allows remote attackers to access the Image Manager without authorization, enabling them to upload or delete images via a direct request. Recommendations: For phpMyFAQ version 1.4.0, consider...
phpMyFAQ index.php action Parameter Local File Inclusion
The version of phpMyFAQ on the remote host contains a flaw that may lead to an unauthorized information disclosure. The problem is that user input passed to the 'action' parameter is not properly verified before being used to include files, which could allow a remote attacker to view any accessib...
phpMyFAQ Image Upload Authentication Bypass
The version of phpMyFAQ on the remote host contains a flaw that could allow an attacker without authorization to upload and delete arbitrary images on the remote host. An attacker may exploit this problem to deface the remote website. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Advisory 05/2004: phpMyFAQ local file inclusion vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 e-matters GmbH www.e-matters.de -= Security Advisory =- Advisory: phpMyFAQ local file inclusion vulnerability Release Date: 2004/05/18 Last Modified: 2004/05/18 Author: Stefan Esser [email protected] Application: phpMyFAQ stable release = 1.3.12...