CVE-2010-2335 Information

Description

SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00 as distributed before 20100618 allows remote attackers to execute arbitrary SQL commands via the news parameter.

Reference

http://www.exploit-db.com/exploits/13845 http://www.yamamah.org/home/?page=39