Description
SQL injection vulnerability in gallery.php in Gallarific PHP Photo Gallery script 2.1 and possibly other versions allows remote attackers to execute arbitrary SQL commands via the id parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by AtT4CKxT3rR0r1ST · textwebappsphp
https://www.exploit-db.com/exploits/15891
References (2)
Core 2
Core References
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/15891
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/42792
Scores
EPSS
0.0023
EPSS Percentile
46.1%
Details
CWE
CWE-89
Status
published
Products (1)
gallarific/php_photo_gallery_script
2.1
Published
Jan 20, 2011
Tracked Since
Feb 18, 2026