NuytsTech Security

CVE-2005-3943

by ·

Multiple SQL injection vulnerabilities in ilyav FAQ System 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) FAQ_ID and (2) action parameters in (a) viewFAQ.php; and (3) CATEGORY_ID parameter in (b) index.php.

Date published : 2005-12-01

http://www.securityfocus.com/bid/15640

http://pridels0.blogspot.com/2005/11/faq-system-11-sql-inj-vuln.html

Tags: