SQL injection vulnerability in the My_eGallery module for MAXdev MDPro (MD-Pro) and Postnuke allows remote malicious users to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
maxdev my_egallery - |