Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in PhpWebGallery 1.5.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) since, (2) sort_by, and (3) items_number parameters to comments.php, (4) the search parameter to category.php, and (5) image_id parameter to picture.php. NOTE: it was later reported that the comments.php/sort_by vector also affects 1.7.2 and earlier.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHPWebGallery 多个SQL注入漏洞
Vulnerability Description
PhpWebGallery 1.5.1 以及更早版本中存在多个SQL注入漏洞,远程攻击者可以通过comments.php的(1) since,(2)sort_by和(3) items_number 参数,(4)category.php的search参数,和(5) picture.php的image_id参数执行任意SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A