CVE-2007-3648 Information

Description

SQL injection vulnerability in Webmatic before 2.6.2 and possibly other versions before 2.7 allows remote attackers to execute arbitrary SQL commands via unspecified vectors possibly related to admin/admin_album.php and admin/admin_downloads.php. NOTE: some of these details are obtained from third party information.

Reference

http://osvdb.org/41104 http://secunia.com/advisories/26019 http://www.securityfocus.com/bid/24878 http://www.valarsoft.com/index.php?page=home&notizie=&notID=144npos144 http://www.vupen.com/english/advisories/2007/2465