Sql injection

SQL injection vulnerability in viewcomments.php in YABSoft Advanced Image Hosting AIH Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter...

CVE-2012-6039

SQL injection vulnerability in viewcomments.php in YABSoft Advanced Image Hosting AIH Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter...

CVE-2012-6039

CVE-2012-6039 affects the YABSoft Advanced Image Hosting (AIH) Script, likely version 2.3. The vulnerability is a SQL injection in view_comments.php exploitable via the gal parameter, enabling remote attackers to execute arbitrary SQL commands. Root cause is an input-driven SQL query without prop...

CVE-2009-4266

CVE-2009-4266 is a Cross-Site Scripting (XSS) vulnerability in the YABSoft AIHS Script, affecting search.php. The issue allows remote attackers to inject arbitrary web script or HTML via the text parameter in AIHS Script 2.2 (and possibly 2.3). The vulnerability is documented with a MEDIUM severi...

CVE-2009-1032

SQL injection vulnerability in gallerylist.php in YABSoft Advanced Image Hosting AIH Script 2.3 allows remote attackers to execute arbitrary SQL commands via the gal parameter...

CVE-2009-1032

SQL injection vulnerability in gallerylist.php in YABSoft Advanced Image Hosting AIH Script 2.3 allows remote attackers to execute arbitrary SQL commands via the gal parameter...

CVE-2008-2536

SQL injection vulnerability in out.php in YABSoft Advanced Image Hosting AIH Script 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the t parameter...