Vulnerabilities > Sangwan KIM
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-02-23 | CVE-2006-7025 | SQL Injection vulnerability in Sangwan KIM Bookmark4U 2.0/2.1 SQL injection vulnerability in admin/config.php in Bookmark4U 2.0 and 2.1 allows remote attackers to inject arbitrary SQL command via the sqlcmd parameter. | 7.5 |
2007-01-25 | CVE-2007-0499 | Code Injection vulnerability in Sangwan KIM PHPindexpage PHP remote file inclusion vulnerability in config.php in Sangwan Kim phpIndexPage 1.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the env[inc_path] parameter. | 6.8 |
2006-06-07 | CVE-2006-2877 | Remote File Include vulnerability in Sangwan KIM Bookmark4U 2.0 PHP remote file inclusion vulnerability in Bookmark4U 2.0.0 and earlier allows remote attackers to include arbitrary PHP files via the include_prefix parameter in (1) inc/dbase.php, (2) inc/config.php, (3) inc/common.php, and (4) inc/function.php. | 7.5 |
2003-12-31 | CVE-2003-1253 | Code Injection vulnerability in Sangwan KIM Bookmark4U 1.8.3 PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows remote attackers to execute arbitrary PHP code viaa URL in the prefix parameter to (1) dbase.php, (2) config.php, or (3) common.load.php. | 7.5 |