CVE-2005-0929 Information

Description

SQL injection vulnerability in PhotoPost PHP Pro 5.x may allow remote attackers to execute arbitrary SQL commands via (1) the sl parameter to showmembers.php or (2) the photo parameter to showphoto.php.

Reference

http://marc.info/?l=bugtraq&m=111205342909640&w=2 http://marc.info/?l=bugtraq&m=111213719017716&w=2 http://secunia.com/advisories/14742 http://securitytracker.com/id?1013581 http://www.osvdb.org/15099 http://www.osvdb.org/15100