Unrated severityNVD Advisory· Published Dec 1, 2005· Updated Apr 24, 2026

CVE-2005-3938

Description

SQL injection vulnerability in Softbiz FAQ Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the id parameter in (1) index.php, (2) faq_qanda.php, (3) refer_friend.php, (4) print_article.php, or (5) add_comment.php.

Affected products

Softbizscripts/Faq Script
cpe:2.3:a:softbizscripts:faq_script:*:*:*:*:*:*:*:*
Range: <=1.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/17809nvdThird Party Advisory
pridels0.blogspot.com/2005/11/softbiz-faq-script-multiple-sql-vuln.htmlnvdBroken Link
www.osvdb.org/21257nvdBroken Link
www.osvdb.org/21258nvdBroken Link
www.osvdb.org/21259nvdBroken Link
www.osvdb.org/21260nvdBroken Link
www.osvdb.org/21261nvdBroken Link
www.securityfocus.com/bid/15653nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000