SQL injection vulnerability in faq.php in MyPHP Forum 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: the member.php vector is already covered by CVE-2005-0413.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2008-01-04 11:46
Updated : 2024-02-28 11:01
NVD link : CVE-2007-6667
Mitre link : CVE-2007-6667
CVE.ORG link : CVE-2007-6667
JSON object : View
Products Affected
myphp
- myphp_forum
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')