CVE-2008-4627 Information

Description

SQL injection vulnerability in the rGallery plugin 1.09 for WoltLab Burning Board (WBB) allows remote attackers to execute arbitrary SQL commands via the itemID parameter in the RGalleryImageWrapper page in index.php.

Reference

http://secunia.com/advisories/32323 http://securityreason.com/securityalert/4443 http://www.securityfocus.com/bid/31820 https://exchange.xforce.ibmcloud.com/vulnerabilities/45966 https://www.exploit-db.com/exploits/6790