phpkitSQLXSS.txt

Author: Steve Date: November 22, 2004 Affected Software:PHP KIT Software Version: 1.6.03 - 1.6.1 Software URL: http://www.phpkit.de Attack: SQL Injection, allowing people to manipulate the query into pulling data. XSS What is PHPKIT: PHPKIT is a modular developed Homepage Software which can simpl...

phpkit suffers (reale stupid) XSS vuln.

Software: phpkit Version: 1.6.03 others are probably affected as well. Status: Vendor has been notified weeks ago but refuses to answer or take any actions. phpkit1 is a simple German cms / portal software written in php similar to phpbb / phpnuke and is quite popular in Germany. All session...