Vulnerabilities > Phpkit > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-11-27 | CVE-2007-6134 | SQL Injection vulnerability in PHPkit 1.6.4Pl1 SQL injection vulnerability in pkinc/public/article.php in PHPKIT 1.6.4pl1 allows remote attackers to execute arbitrary SQL commands via the contentid parameter in an article action to include.php, a different vector than CVE-2006-1773. | 7.5 |
| 2007-01-11 | CVE-2007-0179 | SQL Injection vulnerability in PHPkit 1.6.1 SQL injection vulnerability in comment.php in PHPKIT 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the subid parameter. | 7.5 |
| 2005-11-16 | CVE-2005-3553 | SQL Injection vulnerability in PHPkit Multiple SQL injection vulnerabilities in include.php in PHPKIT 1.6.1 R2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in conjunction with the login/userinfo.php path and (2) the session parameter (aka the PHPKITSID variable). | 7.5 |
| 2005-08-23 | CVE-2005-2683 | SQL Injection vulnerability in PHPkit 1.6.1 Multiple SQL injection vulnerabilities in PHPKit 1.6.1 allow remote attackers to execute arbitrary SQL commands via the (1) letter parameter to login/member.php or (2) im_receiver parameter to login/imcenter.php. | 7.5 |
| 2004-12-31 | CVE-2004-1538 | Input Validation vulnerability in PHPkit 1.6.02/1.6.03/1.6.1 SQL injection vulnerability in include.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |