RSS   Vulnerabilities for 'Ephotos'   RSS

2006-06-15
 
CVE-2006-3027

 

 
Multiple SQL injection vulnerabilities in Enthrallwebe ePhotos 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) CAT_ID parameter in (a) subphotos.asp and (b) subLevel2.asp, the (2) AL_ID parameter in (c) photo.asp, and the (3) SUB_ID parameter in (d) subLevel2.asp.

 

 >>> Vendor: Enthrallweb 12 Products
Ephotos
Eshopping cart
Ehomes
Eclassifieds
Epages
Ecars
Dragon business directory pro
Ejobs
Emates
Ecoupons
Enews
Ereservations


Copyright 2019, cxsecurity.com

 

Back to Top