VYPR

FAQ Script

by Softbizscripts

CVEs (3)

  • CVE-2005-3938Dec 1, 2005
    risk 0.03cvss epss 0.04

    SQL injection vulnerability in Softbiz FAQ Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the id parameter in (1) index.php, (2) faq_qanda.php, (3) refer_friend.php, (4) print_article.php, or (5) add_comment.php.

  • CVE-2018-19457Nov 22, 2018
    risk 0.01cvss epss 0.04

    Logicspice FAQ Script 2.9.7 allows uploading arbitrary files, which leads to remote command execution via admin/faqs/faqimages with a .php file.

  • CVE-2023-3535Jul 7, 2023
    risk 0.00cvss epss 0.00

    A vulnerability was found in SimplePHPscripts FAQ Script PHP 2.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The…