Unrated severityNVD Advisory· Published Aug 21, 2007· Updated Jun 16, 2026
CVE-2007-4456
CVE-2007-4456
Description
SQL injection vulnerability in index.php in the SimpleFAQ (com_simplefaq) 2.11 component for Mambo allows remote attackers to execute arbitrary SQL commands via the aid parameter. NOTE: it was later reported that 2.40 is also affected, and that the component can be used in Joomla! in addition to Mambo.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- cpe:2.3:a:mambo:mambo:*:*:*:*:*:*:*:*
cpe:2.3:a:parkview_consultants:simplefaq:2.11:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:parkview_consultants:simplefaq:2.11:*:*:*:*:*:*:*
- cpe:2.3:a:parkview_consultants:simplefaq:2.40:*:*:*:*:*:*:*
- Range: 2.11
Patches
Vulnerability mechanics
References
7- www.securityfocus.com/bid/25376nvdExploit
- secunia.com/advisories/26556nvd
- securityreason.com/securityalert/3041nvd
- www.securityfocus.com/archive/1/477174/100/0/threadednvd
- www.securityfocus.com/archive/1/477232/100/0/threadednvd
- exchange.xforce.ibmcloud.com/vulnerabilities/36113nvd
- www.exploit-db.com/exploits/4296nvd
News mentions
0No linked articles in our index yet.