Lucene search
PRIOn knowledge basePRION:CVE-2012-0994HistoryFeb 21, 2012 - 1:31 p.m.
Sql injection
2012-02-2113:31:00
PRIOn knowledge base
www.prio-n.com
1
SQL injection vulnerability in the Manage Albums feature in zp-core/admin-albumsort.php in ZENphoto 1.4.2 allows remote authenticated users to execute arbitrary SQL commands via the sortableList parameter.
References
archives.neohapsis.com/archives/bugtraq/2012-02/0037.html
secunia.com/advisories/47875
www.securityfocus.com/bid/51916
www.zenphoto.org/news/zenphoto-1.4.2.1
www.zenphoto.org/trac/changeset/8994
www.zenphoto.org/trac/changeset/8995
exchange.xforce.ibmcloud.com/vulnerabilities/73082
www.htbridge.ch/advisory/HTB23070
Related
cve
cve
CVE-2012-0994
2012-02-21 13:31:45
nvd
nvd
CVE-2012-0994
2012-02-21 13:31:45
cvelist
cvelist
CVE-2012-0994
2012-02-21 00:00:00
packetstorm
packetstorm
ZENphoto 1.4.2 Code Execution / XSS / SQL Injection
2012-02-08 00:00:00
htbridge
htbridge
Multiple vulnerabilities in ZENphoto
2012-01-18 00:00:00
securityvulns
securityvulns
Multiple vulnerabilities in ZENphoto
2012-02-13 00:00:00
nessus
nessus
Zenphoto < 1.4.2.1 Multiple Vulnerabilities
2012-03-23 00:00:00