SQL injection vulnerability in crumbs.php in Ktools PhotoStore 3.4.3 and 3.5.2 allows remote attackers to execute arbitrary SQL commands via the gid parameter to about_us.php. NOTE: this might be the same issue as CVE-2008-6647.
CPE | Name | Operator | Version |
---|---|---|---|
photostore | eq | 3.5.2 | |
photostore | eq | 3.4.3 |