7.5
CVSSv2

CVE-2007-6666

Published: 04/01/2008 Updated: 29/09/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

SQL injection vulnerability in rss.php in Zenphoto 1.1 up to and including 1.1.3 allows remote malicious users to execute arbitrary SQL commands via the albumnr parameter.

Affected Products

Vendor Product Versions
ZenphotoZenphoto1.1, 1.1.1, 1.1.2, 1.1.3

Exploits

#!/usr/bin/perl -w ################################################################################# # # # Zenphoto 113 SQL Injection Exploit # # # # ...