2 matches found
Sql injection
SQL injection vulnerability in viewimage.php in Particle Soft Particle Gallery 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the editcomment parameter, a different version and vector than CVE-2006-2862...
CVE-2006-2862
CVE-2006-2862 describes a SQL injection in viewimage.php for Particle Gallery 1.0.0 and earlier, exploitable via the imageid parameter. The vulnerability arises from improper handling of the parameter, allowing remote attackers to execute arbitrary SQL commands. The connected records also confirm...