CVE-2012-4925
CVE-2012-4925 describes multiple SQL injection vulnerabilities in Img Pals Photo Host 1.0, triggered via the u parameter in approve.php when performing app0 or app1 actions. The issue allows remote attackers to execute arbitrary SQL commands. The CVSSv2 score is 7.5 (HIGH) with network attack vec...