CVE-2005-3938 – SoftBiz FAQ 1.1 - 'add_comment.php?id' SQL Injection

https://notcve.org/view.php?id=CVE-2005-3938

SQL injection vulnerability in Softbiz FAQ Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the id parameter in (1) index.php, (2) faq_qanda.php, (3) refer_friend.php, (4) print_article.php, or (5) add_comment.php. • https://www.exploit-db.com/exploits/26677 https://www.exploit-db.com/exploits/26674 https://www.exploit-db.com/exploits/26673 https://www.exploit-db.com/exploits/26676 https://www.exploit-db.com/exploits/26675 http://pridels0.blogspot.com/2005/11/softbiz-faq-script-multiple-sql-vuln.html http://secunia.com/advisories/17809 http://www.osvdb.org/21257 http://www.osvdb.org/21258 http://www.osvdb.org/21259 http://www.osvdb.org/21260 http://www.osvdb.org •