2 matches found
CVE-2006-3027
Multiple SQL injection vulnerabilities in Enthrallwebe ePhotos 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 CATID parameter in a subphotos.asp and b subLevel2.asp, the 2 ALID parameter in c photo.asp, and the 3 SUBID parameter in d subLevel2.asp...
CVE-2006-3027
Multiple SQL injection vulnerabilities in Enthrallwebe ePhotos 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 CATID parameter in a subphotos.asp and b subLevel2.asp, the 2 ALID parameter in c photo.asp, and the 3 SUBID parameter in d subLevel2.asp...