CVE-2004-0239

Photopost Php Pro - SQL Injection

Title source: rule

Description

SQL injection vulnerability in showphoto.php in PhotoPost PHP Pro 4.6 and earlier allows remote attackers to gain unauthorized access via the photo variable.

Exploits (1)

exploitdb WORKING POC

webappsphp

https://www.exploit-db.com/exploits/14453

View on exploitdb

References (4)

[Mailing List] http://marc.info/?l=bugtraq&m=107582512023998&w=2

[Various Sources] http://www.securiteam.com/securitynews/5KP010UC0W.html

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/9557

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15008

Scores

EPSS 0.0038

EPSS Percentile 59.0%

Classification

Status draft

Affected Products (6)

photopost/photopost_php_pro

Timeline

Published Nov 23, 2004

Tracked Since Feb 18, 2026