PhpMyFAQ

Unauthenticated SQL injection vulnerability exists in phpMyFAQ <= 4.1.1 due to improper handling of the User-Agent header in BuiltinCaptcha, allowing attackers to inject malicious SQL payloads and potentially gain complete control of the datastore.