PHPKIT is a web portal application. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied input to the "searchstr" parameter of the "include.php" script when the "path" parameter is set to "login/member.php". PHPKIT version 1.6.1 is affected.
Ref: http://www.securityfocus.com/bid/38324
10.9.85 - CVE: Not Available
Platform: Web Application - SQL Injection
Ref: http://www.securityfocus.com/bid/38324
10.9.85 - CVE: Not Available
Platform: Web Application - SQL Injection
0 comments:
Post a Comment