CVE-2010-1343

Description

SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter.

Affected products

• bjsintay / sitex0.7.4 – 0.7.4

References

• EXPLOIThttp://www.exploit-db.com/exploits/11881
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/57173
• MISChttp://www.securityfocus.com/bid/38976