CVE-2010-4979

SQL injection vulnerability in image/view.php in CANDID allows remote attackers to execute arbitrary SQL commands via the image_id parameter.

Date published : 2011-11-01

http://www.securityfocus.com/bid/41216

http://www.packetstormsecurity.com/1006-exploits/candid-sql.txt