2 matches found
CVE-2019-25522
XooGallery Latest contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through the photoid parameter. Attackers can send GET requests to photo.php with malicious photoid values to extract sensitive data, bypass...
CVE-2019-25522 XooGallery Lastest Latest Multiple SQL Injections via photo.php
XooGallery Latest contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through the photoid parameter. Attackers can send GET requests to photo.php with malicious photoid values to extract sensitive data, bypass...