1.6.6

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-24	CVE-2016-10758	Unrestricted Upload of File with Dangerous Type vulnerability in PHPkit 1.6.6 PHPKIT 1.6.6 allows arbitrary File Upload, as demonstrated by a .php file to pkinc/admin/mediaarchive.php and pkinc/func/default.php via the image_name parameter. network low complexity phpkit CWE-434	6.5
2015-01-15	CVE-2015-1052	Cross-site Scripting vulnerability in PHPkit 1.6.6 Cross-site scripting (XSS) vulnerability in the poll archive in PHPKIT 1.6.6 (Build 160014) allows remote attackers to inject arbitrary web script or HTML via the result parameter to upload_files/pk/include.php. network phpkit CWE-79	4.3