3 matches found
CVE-2005-3935
SocketKB 1.1.0 and earlier are affected by a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL via the (1) node and (2) art_id parameters. The vulnerability’s root cause is improper handling of SQL queries related to these parameters, enabling potentially partial to...
CVE-2007-5647
CVE-2007-5647 affects SocketKB 1.1.5, exposing multiple XSS vulnerabilities in the article action path. The flaws allow remote attackers to inject arbitrary web script or HTML via the art_id or node parameters sent to the default URI. According to NVD, the impact is partial integrity loss without...
CVE-2005-3936
SocketKB 1.1.0 and earlier are affected by a PHP file include vulnerability that allows remote attackers to include arbitrary local files via the __f parameter. The issue is a local file inclusion flaw in the application's PHP code, enabling an attacker to read or disclose local files as part of the vulnerability chain...