[VIM] PhotoPost PHP 4.6.5 (ecard.php) SQL Injection Vulnerability
rkeith
rkeith at securityfocus.com
Tue Aug 3 12:52:29 CDT 2010
Thanks George.
We concur, and are retiring BID 41946 as a duplicate of 9557.
-Rob
George A. Theall wrote:
> Exploit DB 14453 talks about two SQL injection vulnerabilities in an old
> version of PhotoPost, the second involving the 'photo' parameter to the
> 'showphoto.php' script. It looks like BID 41946 was created based on the
> same advisory.
>
> Isn't that issue the same as one reported by Digital Crab in 2004 and
> covered by CVE-2004-0239 / BID 9557?
>
> George
--
Rob Keith
Symantec
More information about the VIM
mailing list