Jevontech Phpenpals vulnerabilities
2 known vulnerabilities affecting jevontech/phpenpals.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2009-1814P3HIGHCVSS 7.5PoC≤ 1.12009-05-29
CVE-2009-1814 [HIGH] CVE-2009-1814: SQL injection vulnerability in mail.php in PHPenpals 1.1 and earlier allows remote attackers to exec
SQL injection vulnerability in mail.php in PHPenpals 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the profile.php vector is already covered by CVE-2006-0074.
nvd
CVE-2006-0074P3HIGHCVSS 7.5PoC≤ 1.12006-01-04
CVE-2006-0074 [HIGH] CWE-89 CVE-2006-0074: SQL injection vulnerability in profile.php in PHPenpals allows remote attackers to execute arbitrary
SQL injection vulnerability in profile.php in PHPenpals allows remote attackers to execute arbitrary SQL commands via the personalID parameter. NOTE: it was later reported that 1.1 and earlier are affected.
nvd