Back to search
CVE-2008-6348
Published: Mar 2, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in DevelopItEasy Photo Gallery 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter to gallery_category.php, (2) photo_id parameter to gallery_photo.php, and the (3) user_name and (4) user_pass parameters to admin/index.php. NOTE: some of these details are obtained from third party information.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
32145
vdb-entry
x_refsource_BID
32593
third-party-advisory
x_refsource_SECUNIA
photogallery-multiple-sql-injection(46400)
vdb-entry
x_refsource_XF
7016
exploit
x_refsource_EXPLOIT-DB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now