CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Ktools: >> Photostore >> 3.4.3 Security Vulnerabilities

CVE-2008-6647

SQL injection vulnerability in gallery.php in Ktools PhotoStore 3.4.3 allows remote attackers to execute arbitrary SQL commands via the gid parameter.

CVSS Score

7.5

EPSS Score

0.002

Published

2009-04-07

CVE-2008-6648

SQL injection vulnerability in crumbs.php in Ktools PhotoStore 3.4.3 and 3.5.2 allows remote attackers to execute arbitrary SQL commands via the gid parameter to about_us.php. NOTE: this might be the same issue as CVE-2008-6647.

CVSS Score

7.5

EPSS Score

0.002

Published

2009-04-07

CVE-2008-6649

SQL injection vulnerability in manager/image_details_editor.php in Ktools PhotoStore 2.5, 2.9.8, 3.1.0, and other versions through 3.5.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.

CVSS Score

7.5

EPSS Score

0.002

Published

2009-04-07

Page 1

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved