2005-03-09 05:00:00
mitre
PUBLISHED
SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote attackers to add FAQ records to the database via the username field in forum messages.