Multiple SQL injection vulnerabilities in search.php in Photokorn Gallery 1.81 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) where[], (2) sort, (3) order, and (4) Match parameters.
CPE | Name | Operator | Version |
---|---|---|---|
photokorn_gallery | le | 1.81 |