CVE-2009-0446
WEBalbum 2.4b - SQL Injection
Title source: llmDescription
SQL injection vulnerability in photo.php in WEBalbum 2.4b allows remote attackers to execute arbitrary SQL commands via the id parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Mehmet Ince · phpwebappsphp
https://www.exploit-db.com/exploits/7961
Scores
EPSS
0.0028
EPSS Percentile
51.2%
Classification
CWE
CWE-89
Status
draft
Affected Products (1)
web-album/webalbum
Timeline
Published
Feb 10, 2009
Tracked Since
Feb 18, 2026