14516

http://www.phpmyfaq.de/advisory_2005-03-06.php

The remote host is running a version of phpMyFAQ that fails to sufficiently sanitize the 'username' parameter before using it in SQL queries.  As a result, a remote attacker can pass malicious input to database queries, potentially resulting in data exposure, data modification, or attacks against the database itself.

The remote host is running phpMyFAQ, a web-based Frequently-Asked-Questions (FAQ) application.  This version of phpMyFAQ is vulnerable to a remote SQL injection attack.  An attacker exploiting this flaw would send a specially crafted HTTP request to the application.  Upon parsing the request, the server would be coerced into running commands embedded within the request.  A successful attack would give the attacker the ability to view data, modify data, and potentially execute systems commands with the permission of the web server.

ID	Name	Product	Family	Severity
17298	phpMyFAQ Forum Message username Field SQL Injection	Nessus	CGI abuses	high
2675	phpMyFAQ < 1.6.0 SQL Injection (deprecated)	Nessus Network Monitor	CGI	high

CVE-2005-0702

medium

Tenable Plugins

high

high