IP.Gallery 'img' Parameter SQL Injection Vulnerability

An attacker can exploit the issue using a browser.

The following example URI is available:

http://www.example.com/index.php?automodule=gallery&cmd=si&img=[SQL]


 

Privacy Statement
Copyright 2010, SecurityFocus