CVE-2011-1100 Information

Description

Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid (2) id (3) selectfcat (4) selectfmon or (5) selectftag parameter in an images action.

Reference

http://www.exploit-db.com/exploits/16160 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-4992.php https://exchange.xforce.ibmcloud.com/vulnerabilities/65474