VYPR

Monalbum

by 3dsrc

CVEs (2)

  • CVE-2007-2647May 14, 2007
    risk 0.03cvss epss 0.03

    Static code injection vulnerability in admin/admin_configuration.php in Monalbum 0.8.7 allows remote authenticated users to inject arbitrary PHP code into the conf/config.inc.php file via the (1) gadm_pass, (2) gadm_user, (3) gcfgHote, (4) gcfgPass, (5) gcfgUser, (6)…

  • CVE-2006-1585Apr 2, 2006
    risk 0.00cvss epss 0.01

    Multiple SQL injection vulnerabilities in MonAlbum 0.8.7 allow remote attackers to execute arbitrary SQL commands via (1) the pc parameter in (a) index.php and (2) pnom, (3) pcourriel, and (4) pcommentaire parameters in (b) image_agrandir.php.