RSS   Vulnerabilities for 'My egallery'   RSS

2009-02-24
 
CVE-2009-0728

CWE-89
 

 
SQL injection vulnerability in the My_eGallery module for MAXdev MDPro (MD-Pro) and Postnuke allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php.

 
2009-08-24
 
CVE-2008-7038

CWE-89
 

 
SQL injection vulnerability in the My_eGallery module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the gid parameter in a showgall action to modules.php. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect.

 

 >>> Vendor: Maxdev 5 Products
Md-pro
Mdforum
Mdpro
My egallery
Cwguestbook


Copyright 2024, cxsecurity.com

 

Back to Top