Vulnerabilities > Alan Ward > A FAQ
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-12-31 | CVE-2006-6831 | SQL-Injection vulnerability in Alan Ward A-Faq 1.0 SQL injection vulnerability in faqDsp.asp in aFAQ 1.0 allows remote attackers to execute arbitrary SQL commands via the catcode parameter. | 7.5 |
| 2005-12-07 | CVE-2005-4064 | SQL Injection vulnerability in Alan Ward A-Faq 1.0 Multiple SQL injection vulnerabilities in A-FAQ 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) faqid parameter to faqDspItem.asp and (2) catcode parameter to faqDsp.asp. | 7.5 |