CVE-2006-2040

Multiple SQL injection vulnerabilities in photokorn 1.53 and 1.542 allow remote attackers to execute arbitrary SQL commands via the (1) cat, (2) pic and (3) page parameter in index.php; (4) id parameter in postcard.php; and (5) cat parameter in print.php.

Date published : 2006-04-26

http://www.securityfocus.com/bid/17683

http://www.securityfocus.com/archive/1/431982/100/0/threaded