Netbizcity : Security vulnerabilities, CVEs

Copy

CVE-2007-6635

FAQMasterFlexPlus, possibly 1.5 or 1.52, stores the admin password in cleartext in a database, which might allow context-dependent attackers to obtain the password via unspecified database access.

Max CVSS

6.4

EPSS Score

0.15%

Published

2008-01-04

Updated

2018-10-15

CVE-2007-6634

Multiple SQL injection vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to execute arbitrary SQL commands via the category_id parameter to faq.php, and unspecified other vectors involving additional scripts.

Max CVSS

6.8

EPSS Score

0.15%

Published

2008-01-04

Updated

2018-10-15

CVE-2007-6633

Multiple cross-site scripting (XSS) vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to inject arbitrary web script or HTML via (1) the cat_name parameter to faq.php; and unspecified parameters to the (2) add categories, (3) edit categories, (4) delete categories, (5) add faq, (6) edit faq, and (7) delete faq Admin scripts.

Max CVSS

4.3

EPSS Score

0.36%

Published

2008-01-04

Updated

2018-10-15

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!