SQL injection in Zoph before 0.7.0.1 allows remote attackers to execute arbitrary SQL commands via _order parameter to photos.php and edit_photos.ph
Reporter | Title | Published | Views | Family All 16 |
---|---|---|---|---|
![]() | [SECURITY] [DSA 1389-2] New zoph packages fix SQL injection | 24 Oct 200722:21 | – | debian |
![]() | [SECURITY] [DSA 1389-1] New zoph packages fix SQL injection | 18 Oct 200720:39 | – | debian |
![]() | [SECURITY] [DSA 1389-1] New zoph packages fix SQL injection | 20 Oct 200700:00 | – | securityvulns |
![]() | Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) | 20 Oct 200700:00 | – | securityvulns |
![]() | CVE-2007-3905 | 19 Jul 200717:00 | – | cvelist |
![]() | Debian DSA-1389-2 : zoph - missing input sanitising | 25 Oct 200700:00 | – | nessus |
![]() | zoph - SQL injection | 18 Oct 200700:00 | – | osv |
![]() | zoph - SQL injection | 18 Oct 200700:00 | – | osv |
![]() | CVE-2007-3905 | 19 Jul 200717:30 | – | cve |
![]() | Debian Security Advisory DSA 1389-1 (zoph) | 17 Jan 200800:00 | – | openvas |
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | zoph | 0.7.0.2-1 | zoph_0.7.0.2-1_all.deb |
Debian | 11 | all | zoph | 0.7.0.2-1 | zoph_0.7.0.2-1_all.deb |
Debian | 999 | all | zoph | 0.7.0.2-1 | zoph_0.7.0.2-1_all.deb |
Debian | 13 | all | zoph | 0.7.0.2-1 | zoph_0.7.0.2-1_all.deb |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo