Jevontech: >> Phpenpals Security Vulnerabilities
SQL injection vulnerability in mail.php in PHPenpals 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the profile.php vector is already covered by CVE-2006-0074.
CVSS Score
7.5
EPSS Score
0.004
Published
2009-05-29
SQL injection vulnerability in profile.php in PHPenpals allows remote attackers to execute arbitrary SQL commands via the personalID parameter. NOTE: it was later reported that 1.1 and earlier are affected.
CVSS Score
7.5
EPSS Score
0.013
Published
2006-01-04