CyberSec.Space Logo
Back to CVE Browser

CVE-2008-6525

HIGH
7.5
CVSS Severity Score
EPSS Score0.1290%
EPSS Percentile24.33th
PublishedMar 25, 2009
Last ModifiedApr 23, 2026

Vulnerability Description

SQL injection vulnerability in the Admin Panel in Nice PHP FAQ Script (Knowledge base Script) allows remote attackers to execute arbitrary SQL commands via the Password parameter (aka the pass field).

Affected Platforms (CPE)

πŸ“¦
Nicephpscripts

Nice Php Faq Script

All versions

References & Advisories

πŸ”— http://www.securityfocus.com/bid/32150
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/46402
πŸ”— https://www.exploit-db.com/exploits/7018
πŸ”— http://www.securityfocus.com/bid/32150
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/46402
πŸ”— https://www.exploit-db.com/exploits/7018

Related Vulnerabilities

CVE-2017-159889.8

Nice PHP FAQ Script allows SQL Injection via the index.php nice_theme parameter, a different vulnerability than CVE-2008-6525.

CVE-2008-535310.0

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and...

CVE-2008-665110.0

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP c...

CVE-2008-535510.0

The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 1...