Sql injection

SQL injection vulnerability in comment.php in PHPKIT 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the subid parameter...

CVE-2007-0179

CVE-2007-0179 affects PHPKIT 1.6.1 R2 via an SQL injection in comment.php, exploitable through the subid parameter to execute arbitrary SQL commands remotely. The connected documents confirm the affected component and vulnerability type but do not provide explicit exploit steps, affected versions...

CVE-2007-0179

SQL injection vulnerability in comment.php in PHPKIT 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the subid parameter...

PHPKit 1.6.1 - 'comment.php' SQL Injection

source: https://www.securityfocus.com/bid/21962/info PHPKIT is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modi...

PHPKit 1.6.1 - comment.php SQL Injection

PHPKit 1.6.1 - comment.php SQL Injection source: https://www.securityfocus.com/bid/21962/info PHPKIT is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit

+-------------------------------------------------------------------- + + PHPKit 1.6.1 RC2 + + Original advisory: + http://www.bb-pcsecurity.de/ + +-------------------------------------------------------------------- + + Affected Software .: PHPKit 1.6.1 RC2 + Venedor ...........:...

PHPKit161rc2.txt

+-------------------------------------------------------------------- + + PHPKit 1.6.1 RC2 + + Original advisory: + http://www.bb-pcsecurity.de/ + +-------------------------------------------------------------------- + + Affected Software .: PHPKit 1.6.1 RC2 + Venedor ...........:...

PHPKIT <= 1.6.1R2 (search_user) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; print q ----------------------------------------------- PHPKit 1.6.1 exploit by x23 phcn.ws geek-network.de use: phpkit161.pl server dir vicid sample: $ perl phpkit161.pl localhost /phpkit/ 1...

PHPKIT <= 1.6.1R2 (search_user) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ============================================================ PHPKIT newProto="tcp", PeerAddr="$webpage", PeerPort="80" || die "+ Can't connect to Server\n"; print " exploiting\n"; print $sock "POST...

PHPKIT 1.6.1R2 - &#039;search_user&#039; SQL Injection

!/usr/bin/perl use IO::Socket; print q ----------------------------------------------- PHPKit 1.6.1 exploit by x23 phcn.ws geek-network.de use: phpkit161.pl server dir vicid sample: $ perl phpkit161.pl localhost /phpkit/ 1 ----------------------------------------------- ; $webpage = $ARGV0;...

PHPKit 1.6.1 - &#039;popup.php&#039; SQL Injection

source: https://www.securityfocus.com/bid/20911/info PHPKIT is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modi...

PHPKIT 1.6.1R2 - search_user SQL Injection

PHPKIT 1.6.1R2 - searchuser SQL Injection !/usr/bin/perl use IO::Socket; print q ----------------------------------------------- PHPKit 1.6.1 exploit by x23 phcn.ws geek-network.de use: phpkit161.pl server dir vicid sample: $ perl phpkit161.pl localhost /phpkit/ 1...

PHPKit 1.6.1 - popup.php SQL Injection

PHPKit 1.6.1 - popup.php SQL Injection source: https://www.securityfocus.com/bid/20911/info PHPKIT is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

Sql injection

SQL injection vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier allows remote attackers to execute arbitrary SQL commands via the contentid parameter, possibly involving content/news.php...

CVE-2006-1773

SQL injection vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier allows remote attackers to execute arbitrary SQL commands via the contentid parameter, possibly involving content/news.php...

CVE-2006-1773

SQL injection vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier allows remote attackers to execute arbitrary SQL commands via the contentid parameter, possibly involving content/news.php...

CVE-2006-1773

The CVE-2006-1773 entry describes an SQL injection vulnerability in include.php for PHPKIT 1.6.1 Release 2 and earlier. The issue arises via the contentid parameter (potentially involving content/news.php), allowing a remote attacker to execute arbitrary SQL commands. The affected product is PHPK...

PHPKIT 1.6.1 R2 - &#039;Include.php&#039; SQL Injection

source: https://www.securityfocus.com/bid/17467/info PHPKIT is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...

PHPKIT 1.6.1 R2 - Include.php SQL Injection

PHPKIT 1.6.1 R2 - Include.php SQL Injection source: https://www.securityfocus.com/bid/17467/info PHPKIT is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit coul...

phpkitXSS.txt

Subject: XSS in PHPKIT Version 1.6.03 http://www.example.com/include.php?path=login/login.php&error=alertdocument.Cookie Discovered by BadNet !!!!...