Vulnerabilities > CVE-2005-4064 - SQL Injection vulnerability in Alan Ward A-Faq 1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in A-FAQ 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) faqid parameter to faqDspItem.asp and (2) catcode parameter to faqDsp.asp.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description A-FAQ 1.0 faqDspItem.asp faqid Parameter SQL Injection. CVE-2005-4064. Webapps exploit for asp platform id EDB-ID:26746 last seen 2016-02-03 modified 2005-12-06 published 2005-12-06 reporter r0t source https://www.exploit-db.com/download/26746/ title A-FAQ 1.0 faqDspItem.asp faqid Parameter SQL Injection description A-FAQ 1.0 faqDsp.asp catcode Parameter SQL Injection. CVE-2005-4064. Webapps exploit for asp platform id EDB-ID:26747 last seen 2016-02-03 modified 2005-12-06 published 2005-12-06 reporter r0t source https://www.exploit-db.com/download/26747/ title A-FAQ 1.0 faqDsp.asp catcode Parameter SQL Injection