Phpenpals
by Jevontech
CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2009-1814 | 0.03 | — | 0.00 | May 29, 2009 | SQL injection vulnerability in mail.php in PHPenpals 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the profile.php vector is already covered by CVE-2006-0074. | ||
| CVE-2006-0074 | 0.03 | — | 0.01 | Jan 4, 2006 | SQL injection vulnerability in profile.php in PHPenpals allows remote attackers to execute arbitrary SQL commands via the personalID parameter. NOTE: it was later reported that 1.1 and earlier are affected. |