Description

SQL injection vulnerability in rss.php in Zenphoto 1.1 through 1.1.3 allows remote attackers to execute arbitrary SQL commands via the albumnr parameter.

Remediation

References

CVE-2007-6666

Related Vulnerabilities

WordPress Plugin Data Tables Generator by Supsystic Cross-Site Scripting (1.10.0)

TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-31047)

WordPress Plugin Mikiurl WordPress Eklentisi Cross-Site Request Forgery (2.0)

WebLogic CVE-2019-2649 Vulnerability (CVE-2019-2649)

Python Improper Encoding or Escaping of Output Vulnerability (CVE-2020-26116)

Severity

High

Classification

CVE-2007-6666 CWE-138

Tags

Missing Update Known Vulnerabilities