CVE-2012-1022

UNRATEDInjection

Description

SQL injection vulnerability in admin/categories.php in 4images 1.7.10 remote attackers to execute arbitrary SQL commands via the cat_parent_id parameter in an addcat action.

Affected products

4Homepages / 4images1.7.10 – 1.7.10

References

MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/72932
MISChttp://www.securityfocus.com/bid/51774
EXPLOIThttp://packetstormsecurity.org/files/109290/4images-xss.txt