VYPR
Unrated severityNVD Advisory· Published Aug 16, 2005· Updated Jun 16, 2026

CVE-2005-2561

CVE-2005-2561

Description

Multiple SQL injection vulnerabilities in MYFAQ 1.0 allow remote attackers to execute arbitrary SQL commands via the Theme parameter to (1) affichagefaq.php3, (2) choixsoustheme.php3, (3) consultation.php3, (4) insfaq.php3, (5) inssoustheme.php3, (6) instheme.php3, (7) saisiefaqtotale.php3, (8) saisiesoustheme.php3, or (9) voirfaq.php3, the SousTheme parameter to (10) affichagefaq.php3, (11) consultation.php3, (12) insfaq.php3, (13) inssoustheme.php3, (14) saisiefaq.php3, (15) saisiefaqtotale.php3, or (16) voirfaq.php3, the Faq parameter to (17) saisiefaq.php3, (18) voirfaq.php3, or (19) inssolution.php3, or (20) question parameter to affichagefaq.php3.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Myfaq/Myfaq2 versions
    cpe:2.3:a:myfaq:myfaq:1.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:myfaq:myfaq:1.0:*:*:*:*:*:*:*
    • (no CPE)range: <=1.0

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.