Unrated severityNVD Advisory· Published Feb 21, 2012· Updated Jun 16, 2026
CVE-2012-0994
CVE-2012-0994
Description
SQL injection vulnerability in the Manage Albums feature in zp-core/admin-albumsort.php in ZENphoto 1.4.2 allows remote authenticated users to execute arbitrary SQL commands via the sortableList parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
8- archives.neohapsis.com/archives/bugtraq/2012-02/0037.htmlnvdExploit
- www.securityfocus.com/bid/51916nvdExploit
- www.zenphoto.org/trac/changeset/8994nvdExploitPatch
- www.zenphoto.org/trac/changeset/8995nvdExploitPatch
- www.htbridge.ch/advisory/HTB23070nvdExploit
- secunia.com/advisories/47875nvdVendor Advisory
- www.zenphoto.org/news/zenphoto-1.4.2.1nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/73082nvd
News mentions
0No linked articles in our index yet.