|
| Description: | | SQL injection vulnerability in viewimage.php in Particle Soft Particle Gallery 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the editcomment parameter, a different version and vector than CVE-2006-2862. |
|
| Impact: | | An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully. |
|
| Affected OS: | | Windows, Linux, FreeBSD, Solaris, Other Unix |
|
| Reference: | | SecurityFocusBID:24273
ExploitDB:4019
http://www.vupen.com/english/advisories/2007/2044
|
|