CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-4979

Multiple SQL injection vulnerabilities in search.php in Photokorn Gallery 1.81 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) where[], (2) sort, (3) order, and (4) Match parameters.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.7%

CVSS Severity

CVSS v2 Score 7.5

References

http://holisticinfosec.org/content/view/120/45/
http://secunia.com/advisories/36150
http://www.securityfocus.com/bid/35966
http://holisticinfosec.org/content/view/120/45/
http://secunia.com/advisories/36150
http://www.securityfocus.com/bid/35966

Products affected by CVE-2009-4979

Keil-Software » Photokorn Gallery » Version: 1.81

cpe:2.3:a:keil-software:photokorn_gallery:1.81

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4979

Products

Pricing

Contact Us