Vulnerabilities > Nitropowered
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-06-02 | CVE-2010-2141 | SQL Injection vulnerability in Nitropowered Nitro web Gallery SQL injection vulnerability in index.php in NITRO Web Gallery allows remote attackers to execute arbitrary SQL commands via the PictureId parameter in an open action. | 7.5 |
2008-06-23 | CVE-2008-2817 | SQL Injection vulnerability in Nitropowered Nitro web Gallery SQL injection vulnerability in albums.php in NiTrO Web Gallery 1.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via the CatId parameter in a show action. | 7.5 |