Vulnerabilities > CVE-2005-3943 - SQL Injection vulnerability in FAQ System
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in ilyav FAQ System 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) FAQ_ID and (2) action parameters in (a) viewFAQ.php; and (3) CATEGORY_ID parameter in (b) index.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description FAQ System 1.1 index.php CATEGORY_ID Parameter SQL Injection. CVE-2005-3943. Webapps exploit for php platform id EDB-ID:26660 last seen 2016-02-03 modified 2005-11-29 published 2005-11-29 reporter r0t source https://www.exploit-db.com/download/26660/ title FAQ System 1.1 index.php CATEGORY_ID Parameter SQL Injection description FAQ System 1.1 viewFAQ.php Multiple Parameter SQL Injection. CVE-2005-3943. Webapps exploit for php platform id EDB-ID:26659 last seen 2016-02-03 modified 2005-11-29 published 2005-11-29 reporter r0t source https://www.exploit-db.com/download/26659/ title FAQ System 1.1 viewFAQ.php Multiple Parameter SQL Injection