Vulnerability Details CVE-2009-1032
SQL injection vulnerability in gallery_list.php in YABSoft Advanced Image Hosting (AIH) Script 2.3 allows remote attackers to execute arbitrary SQL commands via the gal parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://osvdb.org/52813
- http://secunia.com/advisories/34366
- http://www.securityfocus.com/bid/34176
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49316
- https://www.exploit-db.com/exploits/8238
- http://osvdb.org/52813
- http://secunia.com/advisories/34366
- http://www.securityfocus.com/bid/34176
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49316
- https://www.exploit-db.com/exploits/8238
Products affected by CVE-2009-1032
-
cpe:2.3:a:yabsoft:advanced_image_hosting_script:2.3