Vulnerabilities > Sangwan KIM

DATE CVE VULNERABILITY TITLE RISK
2007-02-23 CVE-2006-7025 SQL Injection vulnerability in Sangwan KIM Bookmark4U 2.0/2.1
SQL injection vulnerability in admin/config.php in Bookmark4U 2.0 and 2.1 allows remote attackers to inject arbitrary SQL command via the sqlcmd parameter.
network
low complexity
sangwan-kim CWE-89
7.5
2007-01-25 CVE-2007-0499 Code Injection vulnerability in Sangwan KIM PHPindexpage
PHP remote file inclusion vulnerability in config.php in Sangwan Kim phpIndexPage 1.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the env[inc_path] parameter.
6.8
2006-06-07 CVE-2006-2877 Remote File Include vulnerability in Sangwan KIM Bookmark4U 2.0
PHP remote file inclusion vulnerability in Bookmark4U 2.0.0 and earlier allows remote attackers to include arbitrary PHP files via the include_prefix parameter in (1) inc/dbase.php, (2) inc/config.php, (3) inc/common.php, and (4) inc/function.php.
network
low complexity
sangwan-kim
7.5
2003-12-31 CVE-2003-1253 Code Injection vulnerability in Sangwan KIM Bookmark4U 1.8.3
PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows remote attackers to execute arbitrary PHP code viaa URL in the prefix parameter to (1) dbase.php, (2) config.php, or (3) common.load.php.
network
low complexity
sangwan-kim CWE-94
7.5