CVE-2009-4569 Information

Description

SQL injection vulnerability in elkagroup Image Gallery allows remote attackers to execute arbitrary SQL commands via the id parameter to the default URI under news/.

Reference

http://packetstormsecurity.org/0912-exploits/elkagroupv-sql.txt http://www.exploit-db.com/exploits/10330 http://www.securityfocus.com/bid/37229 https://exchange.xforce.ibmcloud.com/vulnerabilities/54585