CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 3CVE-2011-1100 – PixelPost 1.7.3 - Multiple POST SQL Injections
https://notcve.org/view.php?id=CVE-2011-1100
Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, or (5) selectftag parameter in an images action. Múltiples vulnerabilidades de inyección SQL en admin/index.php en Pixelpost v1.7.3, permite a usuarios remotos autenticados ejecutar comandos SQL a través del parámetro (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, o (5) selectftag en una acción images. • https://www.exploit-db.com/exploits/16160 http://www.exploit-db.com/exploits/16160 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-4992.php https://exchange.xforce.ibmcloud.com/vulnerabilities/65474 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •