Vulnerabilities > Nitropowered

DATE CVE VULNERABILITY TITLE RISK
2010-06-02 CVE-2010-2141 SQL Injection vulnerability in Nitropowered Nitro web Gallery
SQL injection vulnerability in index.php in NITRO Web Gallery allows remote attackers to execute arbitrary SQL commands via the PictureId parameter in an open action.
network
low complexity
nitropowered CWE-89
7.5
2008-06-23 CVE-2008-2817 SQL Injection vulnerability in Nitropowered Nitro web Gallery
SQL injection vulnerability in albums.php in NiTrO Web Gallery 1.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via the CatId parameter in a show action.
network
low complexity
nitropowered CWE-89
7.5