Unrated severityNVD Advisory· Published Apr 11, 2008· Updated Apr 23, 2026

CVE-2008-1726

Description

Multiple SQL injection vulnerabilities in KnowledgeQuest 2.6, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) kqid parameter to (a) articletext.php and (b) articletextonly.php and the (2) username parameter to (c) logincheck.php.

Affected products

Myknowledgequest/Knowledgequest
cpe:2.3:a:myknowledgequest:knowledgequest:2.6:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/28713nvdExploit
www.securityfocus.com/bid/28716nvdExploit
secunia.com/advisories/29716nvdVendor Advisory
www.osvdb.org/44254nvd
www.osvdb.org/44255nvd
www.osvdb.org/44256nvd
exchange.xforce.ibmcloud.com/vulnerabilities/41746nvd
www.exploit-db.com/exploits/5421nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000