VYPR

Faq

by Drupal

CVEs (3)

  • CVE-2006-2884Jun 7, 2006
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in Kmita FAQ 1.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter.

  • CVE-2006-2883Jun 7, 2006
    risk 0.03cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in search.php in Kmita FAQ 1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter.

  • CVE-2012-1646Sep 25, 2012
    risk 0.00cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in the FAQ module 6.x-1.x before 6.x-1.13 and 7.x-1.x-rc1 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via the (1) title parameter in faq.admin.inc or (2) detailed_question parameter in…