Description
SQL injection vulnerability in sorter.php in the phpManufaktur kitForm extension 0.43 and earlier for the KeepInTouch (KIT) module allows remote attackers to execute arbitrary SQL commands via the sorter_value parameter.
Exploits (1)
References (2)
Core 2
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/67000
Exploit mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Apr/249
Scores
EPSS
0.0042
EPSS Percentile
62.0%
Details
CWE
CWE-89
Status
published
Products (34)
phpmanufaktur/kitform
0.10
phpmanufaktur/kitform
0.11
phpmanufaktur/kitform
0.12
phpmanufaktur/kitform
0.13
phpmanufaktur/kitform
0.14
phpmanufaktur/kitform
0.15
phpmanufaktur/kitform
0.16
phpmanufaktur/kitform
0.17
phpmanufaktur/kitform
0.18
phpmanufaktur/kitform
0.19
... and 24 more
Published
May 15, 2014
Tracked Since
Feb 18, 2026