Critical severity9.8NVD Advisory· Published Apr 12, 2017· Updated Jun 17, 2026
CVE-2016-4337
CVE-2016-4337
Description
SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:ktools:photostore:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ktools:photostore:*:*:*:*:*:*:*:*range: <=4.7.4
- (no CPE)range: <4.7.5
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/137734/Ktools-Photostore-4.7.5-Blind-SQL-Injection.htmlnvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/40046/nvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.