Categories

Applications (222)
Blogs (7)
Content Management (148)
Customer Relationship (2)
Discussion Boards (29)
E-Commerce (14)
General Purpose Directories (2)
Image Galleries (18)
Mailing Lists (1)
Tips (3)
Vulnerabilities (337)
Access Bypass (50)
Cross Site Scripting (123)
Denial Of Service (2)
File Inclusion (51)
Information Disclosure (15)
Privilege Escalation (2)
Remote Command Execution (16)
Session Hijacking (2)
SQL Injection (130)
« Coppermine Photo Gallery SQL Injection
LiveCart SQL Injection Vulnerability »

KwsPHP ConcoursPhoto Module SQL Injection

Published by TL Guan April 18th, 2008 in Image Galleries and SQL Injection.

Application: KwsPHP ConcoursPhoto Module
Affected Version: 2.0 and prior version.
Vendor’s URL: KwsPHP ConcoursPhoto Module
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Update to version 2.1.

Subscribe

Latest

Archives



Valid XHTML 1.0 Transitional