Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in ImageAlbum 2.0.0b2 allow remote attackers to execute arbitrary SQL commands via the id, which is not properly handled in (1) classes/IADomain.php, (2) classes/IACollection.php, and (3) classes/IAUser.php, as demonstrated via the id parameter in a collection.imageview action.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
imagealbum SQL注入漏洞
Vulnerability Description
ImageAlbum 2.0.0b2的多个SQL注入漏洞会允许远程攻击者利用id来执行任意SQL命令。这些id在(1) classes/IADomain.PHP, (2) classes/IACollection.PHP和 (3) classes/IAUser.PHP中没有经过合适处理。
CVSS Information
N/A
Vulnerability Type
N/A