RSS   Vulnerabilities for 'Nitro web gallery'   RSS

2010-06-02
 
CVE-2010-2141

CWE-89
 

 
SQL injection vulnerability in index.php in NITRO Web Gallery allows remote attackers to execute arbitrary SQL commands via the PictureId parameter in an open action.

 
2008-06-23
 
CVE-2008-2817

CWE-89
 

 
SQL injection vulnerability in albums.php in NiTrO Web Gallery 1.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via the CatId parameter in a show action.

 


Copyright 2024, cxsecurity.com

 

Back to Top