CVE-2012-5289 Information

Description

Multiple SQL injection vulnerabilities in Plogger 1.0 RC1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) index.php or (2) gallery.php.

Reference

http://packetstormsecurity.org/files/view/108295/ploggerphotogallery-sql.txt http://www.securityfocus.com/bid/51228 http://www.securitytracker.com/id?1027608 https://exchange.xforce.ibmcloud.com/vulnerabilities/72079