VYPR

Bookmark4u

by Sangwan Kim

CVEs (3)

  • CVE-2006-2877Jun 7, 2006
    risk 0.04cvss epss 0.07

    PHP remote file inclusion vulnerability in Bookmark4U 2.0.0 and earlier allows remote attackers to include arbitrary PHP files via the include_prefix parameter in (1) inc/dbase.php, (2) inc/config.php, (3) inc/common.php, and (4) inc/function.php. NOTE: it has been reported…

  • CVE-2006-7025Feb 23, 2007
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in admin/config.php in Bookmark4U 2.0 and 2.1 allows remote attackers to inject arbitrary SQL command via the sqlcmd parameter.

  • CVE-2003-1253Dec 31, 2003
    risk 0.00cvss epss 0.01

    PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows remote attackers to execute arbitrary PHP code viaa URL in the prefix parameter to (1) dbase.php, (2) config.php, or (3) common.load.php.