1.6.1

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

phpkit

nessus

NVD

Published: 2004-12-31

Updated: 2024-11-20

Summary

SQL injection vulnerability in include.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Vulnerable Configurations

Part	Description	Count
Application	Phpkit Phpkit Phpkit 1.6.02 Phpkit Phpkit 1.6.03 Phpkit Phpkit 1.6.1	3

Nessus

NASL family	CGI abuses
NASL id	PHPKIT_MULTIPLE_FLAWS.NASL
description	The remote host is running PHP-Kit, an open source content management system written in PHP. The remote version of this software is vulnerable to multiple remote and local code execution, SQL injection and cross-site scripting flaws.
last seen	2020-06-01
modified	2020-06-02
plugin id	15784
published	2004-11-22
reporter	This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/15784
title	PHP-Kit <= 1.6.1 RC2 Multiple Vulnerabilities

Summary

Vulnerable Configurations

Nessus

References