Description
SQL injection vulnerability in the Admin Panel in Nice PHP FAQ Script (Knowledge base Script) allows remote attackers to execute arbitrary SQL commands via the Password parameter (aka the pass field).
Exploits (1)
References (3)
Core 3
Core References
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/7018
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/32150
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46402
Scores
EPSS
0.0014
EPSS Percentile
33.9%
Details
CWE
CWE-89
Status
published
Products (1)
nicephpscripts/nice_php_faq_script
Published
Mar 25, 2009
Tracked Since
Feb 18, 2026