CVE-2008-4348
SQL injection vulnerability in photo.php in PHPortfolio, possibly 1.3, allows remote attackers to execute arbitrary SQL commands via the id parameter.
Date published : 2008-09-30
http://www.securityfocus.com/bid/31143
http://packetstormsecurity.org/0809-exploits/phpportfolio-sql.txt