Required CVE Record Information
Description
SQL injection vulnerability in index.php in RTWebalbum 1.0.462 allows remote attackers to execute arbitrary SQL commands via the AlbumId parameter.
References 7 Total
- http://rtwebalbum.svn.sourceforge.net/viewvc/rtwebalbum/index.php?view=log
- secunia.com: 35022 third-party-advisory
- http://rtwebalbum.svn.sourceforge.net/viewvc/rtwebalbum/
- securityfocus.com: 34888 vdb-entry
- securityfocus.com: 20090508 BLIND SQL INJECTION exploit (GET var 'AlbumID')--RTWebalbum 1.0.462--> mailing-list
- exchange.xforce.ibmcloud.com: rtwebalbum-index-sql-injection(50406) vdb-entry
- exploit-db.com: 8648 exploit
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 7 Total
- http://rtwebalbum.svn.sourceforge.net/viewvc/rtwebalbum/index.php?view=log x_transferred
- secunia.com: 35022 third-party-advisoryx_transferred
- http://rtwebalbum.svn.sourceforge.net/viewvc/rtwebalbum/ x_transferred
- securityfocus.com: 34888 vdb-entryx_transferred
- securityfocus.com: 20090508 BLIND SQL INJECTION exploit (GET var 'AlbumID')--RTWebalbum 1.0.462--> mailing-listx_transferred
- exchange.xforce.ibmcloud.com: rtwebalbum-index-sql-injection(50406) vdb-entryx_transferred
- exploit-db.com: 8648 exploitx_transferred