CVE-2009-1650

Multiple SQL injection vulnerabilities in photos.php in Shutter 0.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) albumID, (2) tagID, and (3) photoID parameters to index.html.
Configurations

Configuration 1 (hide)

cpe:2.3:a:tenfourzero:shutter:0.1.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2009-05-16 18:30

Updated : 2024-02-28 11:21


NVD link : CVE-2009-1650

Mitre link : CVE-2009-1650

CVE.ORG link : CVE-2009-1650


JSON object : View

Products Affected

tenfourzero

  • shutter
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')