Vulnerabilities > Phpkit > Medium

DATE CVE VULNERABILITY TITLE RISK
2005-08-26 CVE-2005-2699 File-Upload vulnerability in PHPkit 1.6.1
Unrestricted file upload vulnerability in admin/admin.php in PHPKit 1.6.1 allows remote authenticated administrators to execute arbitrary PHP code by uploading a .php file to the content/images/ directory using images.php.
local
low complexity
phpkit
4.6
4.6
2004-12-31 CVE-2004-1879 HTML Injection vulnerability in PHPkit 1.6.03
Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows allows remote attackers to inject arbitrary web script or HTML via forum messages.
network
phpkit
4.3
4.3
2004-12-31 CVE-2004-1537 Input Validation vulnerability in PHPkit 1.6.02/1.6.03/1.6.1
Cross-site scripting (XSS) vulnerability in popup.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to execute arbitrary web script via the img parameter.
network
phpkit
4.3
4.3