SQL injection vulnerability in Zoph before 0.7.0.1 might allow remote attackers to execute arbitrary SQL commands via the _order parameter to (1) photos.php and (2) edit_photos.php.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Zoph |
Zoph |
* |
0.7 |
References