SQL injection vulnerability in viewimage.php in Particle Soft Particle Gallery 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the editcomment parameter, a different version and vector than CVE-2006-2862.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Particle_gallery | Particle_soft | 1.0.0 (including) | 1.0.0 (including) |
| Particle_gallery | Particle_soft | 1.0.1 (including) | 1.0.1 (including) |
References
- http://osvdb.org/36309
- http://secunia.com/advisories/25524
- http://www.securityfocus.com/bid/24273
- http://www.vupen.com/english/advisories/2007/2044
- https://www.exploit-db.com/exploits/4019
- http://osvdb.org/36309
- http://secunia.com/advisories/25524
- http://www.securityfocus.com/bid/24273
- http://www.vupen.com/english/advisories/2007/2044
- https://www.exploit-db.com/exploits/4019