SQL injection vulnerability in forum/modules/gallery/post.php in Invision Gallery 2.0.7 allows remote malicious users to cause a denial of service and possibly have other impacts, as demonstrated using a "SELECT BENCHMARK" statement in the img parameter in a doaddcomment operation in index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
invision power services invision gallery 2.0.7 |