Vulnerabilities > Ktools > Photostore > 3.4.3

DATE CVE VULNERABILITY TITLE RISK
2009-04-07 CVE-2008-6649 SQL Injection vulnerability in Ktools Photostore
SQL injection vulnerability in manager/image_details_editor.php in Ktools PhotoStore 2.5, 2.9.8, 3.1.0, and other versions through 3.5.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
network
low complexity
ktools CWE-89
7.5
7.5
2009-04-07 CVE-2008-6648 SQL Injection vulnerability in Ktools Photostore 3.4.3/3.5.2
SQL injection vulnerability in crumbs.php in Ktools PhotoStore 3.4.3 and 3.5.2 allows remote attackers to execute arbitrary SQL commands via the gid parameter to about_us.php.
network
low complexity
ktools CWE-89
7.5
7.5
2009-04-07 CVE-2008-6647 SQL Injection vulnerability in Ktools Photostore 3.4.3
SQL injection vulnerability in gallery.php in Ktools PhotoStore 3.4.3 allows remote attackers to execute arbitrary SQL commands via the gid parameter.
network
low complexity
ktools CWE-89
7.5
7.5