Description
SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to execute arbitrary SQL commands via the news parameter.
Exploits (2)
References (2)
Core 2
Core References
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/13845
Patch, Vendor Advisory x_refsource_misc
http://www.yamamah.org/home/?page=39
Scores
EPSS
0.0037
EPSS Percentile
59.0%
Details
CWE
CWE-89
Status
published
Products (1)
yamamah/yamamah
1.00
Published
Jun 18, 2010
Tracked Since
Feb 18, 2026