CVE-2006-7115

SQL injection vulnerability in PHPKit 1.6.1 RC2 allows remote attackers to inject arbitrary SQL commands via the catid parameter to include.php when the path parameter is set to faq/faq.php, and other unspecified vectors involving guestbook/print.php.

Date published : 2007-03-05

http://www.securityfocus.com/bid/21002

http://www.securityfocus.com/archive/1/451304/100/0/threaded