Vulnerabilities > CVE-2005-2683 - Unspecified vulnerability in PHPkit 1.6.1

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
phpkit
nessus
exploit available

Summary

Multiple SQL injection vulnerabilities in PHPKit 1.6.1 allow remote attackers to execute arbitrary SQL commands via the (1) letter parameter to login/member.php or (2) im_receiver parameter to login/imcenter.php.

Vulnerable Configurations

Part Description Count
Application
Phpkit
1

Exploit-Db

descriptionPHPKit 1.6.1 Multiple SQL Injection Vulnerabilities. CVE-2005-2683 . Webapps exploit for php platform
idEDB-ID:26184
last seen2016-02-03
modified2005-08-22
published2005-08-22
reporterphuket
sourcehttps://www.exploit-db.com/download/26184/
titlePHPKit 1.6.1 - Multiple SQL Injection Vulnerabilities

Nessus

NASL familyCGI abuses
NASL idPHPKIT_MULTIPLE_FLAWS.NASL
descriptionThe remote host is running PHP-Kit, an open source content management system written in PHP. The remote version of this software is vulnerable to multiple remote and local code execution, SQL injection and cross-site scripting flaws.
last seen2020-06-01
modified2020-06-02
plugin id15784
published2004-11-22
reporterThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/15784
titlePHP-Kit <= 1.6.1 RC2 Multiple Vulnerabilities