Invision Power Services Invision Gallery 1.0.1 - Multiple SQL Injections

source: https://www.securityfocus.com/bid/9944/info It has been reported that Invision Gallery may be prone to multiple sql injection vulnerabilities, allowing an attacker to influence SQL query logic. The issues exist due to insufficient sanitization of user-supplied data via the 'img', 'cat',...