CVE-2009-0446
WEBalbum 2.4b - SQL Injection
Title source: llmDescription
SQL injection vulnerability in photo.php in WEBalbum 2.4b allows remote attackers to execute arbitrary SQL commands via the id parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Mehmet Ince · phpwebappsphp
https://www.exploit-db.com/exploits/7961
Scores
EPSS
0.0036
EPSS Percentile
58.3%
Details
CWE
CWE-89
Status
published
Products (1)
web-album/webalbum
2.4b
Published
Feb 10, 2009
Tracked Since
Feb 18, 2026