2 matches found
CVE-2009-4979
Multiple SQL injection vulnerabilities in search.php in Photokorn Gallery 1.81 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 where, 2 sort, 3 order, and 4 Match parameters...
CVE-2009-4979
Photokorn Gallery ≤ 1.81 is affected by multiple SQL injection vulnerabilities in search.php, exploitable via the (1) where[], (2) sort, (3) order, and (4) Match parameters. The underlying issue is improper input handling in the search functionality, allowing remote attackers to execute arbitrary...