Security Advisory 2005-03-06

SQL injection vulnerability in phpMyFAQ versions 1.4 and 1.5

Issued on:
2005-03-06
Software:
phpMyFAQ versions 1.4 and 1.5
Risk:
medium
Platforms:
all

The phpMyFAQ Team has learned of a possible SQL injection vulnerability in phpMyFAQ versions 1.4 and 1.5.

Description

phpMyFAQ lets public users add FAQ records to the database. The records are saved to the database but are not visible by default.

Impact

Input passed to the username field in forum messages is not properly sanitised before being stored in the database, so user-supplied characters can be interpreted as part of the SQL statement.
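The following added example (not phpMyFAQ's own code; phpMyFAQ is written in PHP, and Python with an in-memory sqlite3 database stands in for it here) contrasts the unsafe pattern the advisory describes, a username interpolated into the SQL text, with the fix of binding the value as a parameter. The table and column names, and the sample username, are constructed for the demonstration.

```python
import sqlite3

# Constructed sample: a username with a single quote, the kind of value that
# breaks an INSERT whose SQL text is built by string concatenation.
SAMPLE_USERNAME = "O'Brien"


def setup_db():
    """Create an in-memory table that stands in for a stored-record table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE faqdata (id INTEGER PRIMARY KEY, author TEXT, content TEXT)"
    )
    return conn


def store_and_read_unsafe(username, content="sample record"):
    """Pre-fix pattern: the username becomes part of the SQL grammar.

    Returns the stored author, or None when the database rejects the
    statement because the submitted value changed its structure."""
    conn = setup_db()
    sql = f"INSERT INTO faqdata (author, content) VALUES ('{username}', '{content}')"
    try:
        conn.execute(sql)
    except sqlite3.OperationalError:
        return None  # the quote in the username altered the statement
    return conn.execute("SELECT author FROM faqdata").fetchone()[0]


def store_and_read_safe(username, content="sample record"):
    """Fixed pattern: bound parameters keep the value out of the SQL text,
    so the submitted username is stored verbatim."""
    conn = setup_db()
    conn.execute(
        "INSERT INTO faqdata (author, content) VALUES (?, ?)", (username, content)
    )
    return conn.execute("SELECT author FROM faqdata").fetchone()[0]


if __name__ == "__main__":
    print("unsafe:", store_and_read_unsafe(SAMPLE_USERNAME))  # None
    print("safe:  ", store_and_read_safe(SAMPLE_USERNAME))    # O'Brien
```

A quick regression check for a fix of this kind is to submit a username containing quote characters and confirm the stored value equals the submitted one.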

Solution

The phpMyFAQ Team has released phpMyFAQ versions 1.4.7 and 1.5.0 RC2, which incorporate a fix for the SQL injection vulnerability. All users of affected phpMyFAQ versions are encouraged to upgrade to the corresponding fixed version.

Workaround

There is no workaround except installing the new version.

Credits

The phpMyFAQ Team would like to thank Sven Michels of sectoor GmbH for discovering this SQL injection vulnerability.
