phpkf CVE Vulnerabilities & Metrics

Focus on phpkf vulnerabilities and metrics.

Last updated: 15 Feb 2026, 23:25 UTC

About phpkf Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with phpkf. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total phpkf CVEs: 1
Earliest CVE date: 09 Mar 2009, 14:30 UTC
Latest CVE date: 15 Jan 2026, 16:16 UTC

Latest CVE reference: CVE-2021-47753

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 1

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): -100.0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): -100.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical phpkf CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 5.0

Max CVSS: 7.5

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	1
4.0-6.9	0
7.0-8.9	2
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS phpkf CVEs

These are the five CVEs with the highest CVSS scores for phpkf, sorted by severity first and recency.

CVE-2008-6516 phpkf Published on 25 Mar 2009, 18:30 UTC (CVSS: 7.5)
Multiple directory traversal vulnerabilities in phpKF-Portal 1.10 allow remote attackers to include arbitrary files via a .. (dot dot) in the (1) tema_dizin parameter to baslik.php and (2) portal_ayarlarportal_dili parameter to anket_yonetim.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2008-6443 phpkf Published on 09 Mar 2009, 14:30 UTC (CVSS: 7.5)
SQL injection vulnerability in forum_duzen.php in phpKF allows remote attackers to execute arbitrary SQL commands via the fno parameter.
CVE-2021-47753 phpkf Published on 15 Jan 2026, 16:16 UTC (CVSS: 0)
phpKF CMS 3.00 Beta y6 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary code by bypassing file extension checks. Attackers can upload a PHP file disguised as a PNG, rename it, and execute system commands through a crafted web shell parameter.

All CVEs for phpkf

CVE-2021-47753 phpkf vulnerability CVSS: 0 15 Jan 2026, 16:16 UTC

phpKF CMS 3.00 Beta y6 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary code by bypassing file extension checks. Attackers can upload a PHP file disguised as a PNG, rename it, and execute system commands through a crafted web shell parameter.

CVE-2008-6516 phpkf vulnerability CVSS: 7.5 25 Mar 2009, 18:30 UTC

Multiple directory traversal vulnerabilities in phpKF-Portal 1.10 allow remote attackers to include arbitrary files via a .. (dot dot) in the (1) tema_dizin parameter to baslik.php and (2) portal_ayarlarportal_dili parameter to anket_yonetim.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVE-2008-6443 phpkf vulnerability CVSS: 7.5 09 Mar 2009, 14:30 UTC

SQL injection vulnerability in forum_duzen.php in phpKF allows remote attackers to execute arbitrary SQL commands via the fno parameter.