All Enthusiast Photopost PHP Pro SQL Injection Vulnerability

It has been reported that Photopost PHP Pro may be prone to a SQL injection vulnerability that may allow an attacker to influence SQL query logic to disclose sensitive information. The issue exists due to insufficient sanitization of user-supplied data via the 'photo' parameter of 'showphoto.php' script.

Photopost PHP Pro versions 4.6 and prior have been reported to be prone to this vulnerability.


 

Privacy Statement
Copyright 2010, SecurityFocus