2 matches found
CVE-2009-0446
SQL injection vulnerability in photo.php in WEBalbum 2.4b allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-0446
CVE-2009-0446 concerns a SQL injection in photo.php of WEBalbum 2.4b, allowing remote attackers to execute arbitrary SQL via the id parameter. The root cause is improper input handling in the affected script, enabling concatenation/execution of malicious queries. The NVD entry assigns a base scor...