Описание
SQL injection vulnerability in PHPKit 1.6.1 RC2 allows remote attackers to inject arbitrary SQL commands via the catid parameter to include.php when the path parameter is set to faq/faq.php, and other unspecified vectors involving guestbook/print.php.
SQL injection vulnerability in PHPKit 1.6.1 RC2 allows remote attackers to inject arbitrary SQL commands via the catid parameter to include.php when the path parameter is set to faq/faq.php, and other unspecified vectors involving guestbook/print.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-7115
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30209
- http://secunia.com/advisories/17479
- http://securityreason.com/securityalert/2357
- http://www.bb-pcsecurity.de/websecurity/532/org/PHPKit_1.6.1_RC2_%28faq-faq.php%29_Remote_SQL_Injection_Exploit.htm
- http://www.bb-pcsecurity.de/websecurity/532/org/PHPKit_1.6.1_RC2_(faq-faq.php)_Remote_SQL_Injection_Exploit.htm
- http://www.osvdb.org/31265
- http://www.securityfocus.com/archive/1/451304/100/0/threaded
- http://www.securityfocus.com/bid/21002
EPSS
CVE ID
Связанные уязвимости
SQL injection vulnerability in PHPKit 1.6.1 RC2 allows remote attackers to inject arbitrary SQL commands via the catid parameter to include.php when the path parameter is set to faq/faq.php, and other unspecified vectors involving guestbook/print.php.
EPSS