Description

SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote attackers to add FAQ records to the database via the username field in forum messages.

Remediation

References

CVE-2005-0702

Related Vulnerabilities

Oracle Database Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-5499)

IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2865)

Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10680)

PostgreSQL Improper Certificate Validation Vulnerability (CVE-2021-43766)

WordPress Plugin WP Fastest Cache Multiple Vulnerabilities (0.8.5.7)

Severity

Medium

Classification

CVE-2005-0702

Tags

Missing Update Known Vulnerabilities