2 matches found
CVE-2009-4934
The CVE-2009-4934 entry describes a Cross-site Scripting (XSS) vulnerability in Online Photo Pro 2.0, specifically in index.php, exploitable via the section parameter. Affected software/component: Online Photo Pro 2.0 (index.php). Root cause as stated: unsanitized input in the section parameter l...
CVE-2010-4999
CVE-2010-4999 corresponds to an SQL injection vulnerability in esoftpro Online Photo Pro 2.0, exploitable via the section parameter in index.php. The connected documents confirm the affected component and describe the vulnerability as enabling remote SQL command execution, but do not provide tech...