Back to search
CVE-2014-9235
Published: Dec 3, 2014
Modified: Sep 17, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in Zoph (aka Zoph Organizes Photos) 0.9.1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) _action parameter to group.php or (2) user.php or the (3) location_id parameter to photos.php in php/.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20141117 Zoph <= 0.9.1 - Multiple Vulnerabilities
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now