Description

SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote attackers to add FAQ records to the database via the username field in forum messages.

Remediation

References

CVE-2005-0702

Related Vulnerabilities

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Request Forgery (2.0.39)

WordPress Plugin Translate Multilingual sites-TranslatePress Cross-Site Scripting (2.0.8)

WordPress Plugin Logo Showcase with Slick Slider-Logo Carousel, Logo Slider & Logo Grid Cross-Site Request Forgery (2.0)

WordPress Plugin MyBB Cross-Poster Cross-Site Scripting (1.0)

WordPress Plugin YARPP-Yet Another Related Posts Multiple Vulnerabilities (4.2.4)

Severity

Medium

Classification

CVE-2005-0702

Tags

Missing Update Known Vulnerabilities