CVE-2007-2749

FAQEngine <4.16.03 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in question.php in FAQEngine 4.16.03 and earlier allows remote attackers to execute arbitrary SQL commands via the questionref parameter in a display action.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Silentz · perlwebappsphp
https://www.exploit-db.com/exploits/3943

References (5)

Scores

EPSS 0.0056
EPSS Percentile 68.2%

Details

Status published
Products (1)
faqengine/faqengine < 4.16.03
Published May 17, 2007
Tracked Since Feb 18, 2026