cpe:/a:phpmyfaq:phpmyfaq:1.6.7 CVE-2006-6912 2006-12-31T00:00:00.000-05:00 2017-07-28T21:29:43.687-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-01-09T16:21:00.000-05:00 ALLOWS_OTHER_ACCESS BID 21944 SECUNIA 23651 VUPEN ADV-2007-0077 CONFIRM http://www.phpmyfaq.de/advisory_2006-12-15.php XF phpmyfaq-attachment-sql-injection(32802) SQL injection vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the userfile or filename parameter.