Phpkf Security Vulnerabilities

CVE-2008-6516

Multiple directory traversal vulnerabilities in phpKF-Portal 1.10 allow remote attackers to include arbitrary files via a .. (dot dot) in the (1) tema_dizin parameter to baslik.php and (2) portal_ayarlarportal_dili parameter to anket_yonetim.php. NOTE: the provenance of this information is...

CVE-2008-6443

SQL injection vulnerability in forum_duzen.php in phpKF allows remote attackers to execute arbitrary SQL commands via the fno...