CVE-2006-7115

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
06/03/2007
Last modified:
09/04/2025

Description

SQL injection vulnerability in PHPKit 1.6.1 RC2 allows remote attackers to inject arbitrary SQL commands via the catid parameter to include.php when the path parameter is set to faq/faq.php, and other unspecified vectors involving guestbook/print.php.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:phpkit:phpkit:1.6.1:rc2:*:*:*:*:*:*