|
|
CVE Reference: CVE-2005-3553 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-3553 |
|
|
Description: Multiple SQL injection vulnerabilities in include.php in PHPKIT 1.6.1 R2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in conjunction with the login/userinfo.php path and (2) the session parameter (aka the PHPKITSID variable). |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/23013 http://xforce.iss.net/xforce/xfdb/23010 ST 1015167 SAID Secunia Advisory: SA17479 OSVDB 20561 20560 MISC http://www.hardened-php.net/advisory_212005.80.html BUGTRAQ http://cert.uni-stuttgart.de/archive/bugtraq/2005/11/msg00110.html BID 15354 |
|
| Return to the previous page. |
