CVE-2008-6649

2009-04-0710:00:00

mitre

www.cve.org

AI Score

8.4

Confidence

Low

EPSS

0.002

Percentile

58.5%

JSON

SQL injection vulnerability in manager/image_details_editor.php in Ktools PhotoStore 2.5, 2.9.8, 3.1.0, and other versions through 3.5.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.

References

osvdb.org/45142

secunia.com/advisories/30194

www.securityfocus.com/bid/29136

exchange.xforce.ibmcloud.com/vulnerabilities/42408

www.exploit-db.com/exploits/5582