SQL injection vulnerability in Zoph before 0.7.0.1 might allow remote attackers to execute arbitrary SQL commands via the _order parameter to (1) photos.php and (2) edit_photos.php.
References
Configurations
History
21 Nov 2024, 00:34
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/26077 - Patch, Vendor Advisory | |
References | () http://secunia.com/advisories/27303 - | |
References | () http://sourceforge.net/project/shownotes.php?release_id=523104&group_id=69353 - | |
References | () http://www.debian.org/security/2007/dsa-1389 - | |
References | () http://www.securityfocus.com/bid/24933 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/35446 - |
Information
Published : 2007-07-19 17:30
Updated : 2024-11-21 00:34
NVD link : CVE-2007-3905
Mitre link : CVE-2007-3905
CVE.ORG link : CVE-2007-3905
JSON object : View
Products Affected
zoph
- zoph
CWE