2 matches found
CVE-2006-2184
CVE-2006-2184 describes a cross-site scripting (XSS) vulnerability in the PHPKB Knowledge Base product, affecting the search.php component where the vulnerability is triggered via the searchkeyword parameter. The issue allows remote attackers to inject arbitrary web script or HTML. Root cause is ...
CVE-2008-1909
CVE-2008-1909 is a SQL injection vulnerability in PHP Knowledge Base (PHPKB) 1.5 and 2.0, affecting the comment.php handler. The underlying issue is an injection via the ID parameter, enabling remote attackers to execute arbitrary SQL commands. Affected software is PHPKB Knowledge Base Software (...