SQL injection vulnerability in PHPKit 1.6.1 RC2 allows remote malicious users to inject arbitrary SQL commands via the catid parameter to include.php when the path parameter is set to faq/faq.php, and other unspecified vectors involving guestbook/print.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpkit phpkit 1.6.1 |