Sql injection

2008-01-1520:00:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

29.4%

JSON

Multiple SQL injection vulnerabilities in Matteo Binda ASP Photo Gallery 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) Imgbig.asp, (b) thumb.asp, and © thumbricerca.asp and the (2) ricerca parameter to (d) thumbricerca.asp.

CPENameOperatorVersion
asp_photo_galleryeq1.0

CPE	Name	Operator	Version
	asp_photo_gallery	eq	1.0

References

secunia.com/advisories/28447

www.securityfocus.com/bid/27262

exchange.xforce.ibmcloud.com/vulnerabilities/39646

www.exploit-db.com/exploits/4900