Vulnerabilities > CVE-2006-7115 - Unspecified vulnerability in PHPkit 1.6.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
SQL injection vulnerability in PHPKit 1.6.1 RC2 allows remote attackers to inject arbitrary SQL commands via the catid parameter to include.php when the path parameter is set to faq/faq.php, and other unspecified vectors involving guestbook/print.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://www.securityfocus.com/bid/21002
- http://www.osvdb.org/31265
- http://secunia.com/advisories/17479
- http://securityreason.com/securityalert/2357
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30209
- http://www.securityfocus.com/archive/1/451304/100/0/threaded
- http://www.bb-pcsecurity.de/websecurity/532/org/PHPKit_1.6.1_RC2_%28faq-faq.php%29_Remote_SQL_Injection_Exploit.htm