CVE-2009-0728
24.02.2009, 23:30
SQL injection vulnerability in the My_eGallery module for MAXdev MDPro (MD-Pro) and Postnuke allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php.
Vendor | Product | Version |
---|---|---|
maxdev | my_egallery | - |
𝑥
= Vulnerable software versions