SQL Injection Vulnerabilities in Pixelpost 1.7.3 Admin Panel

SQL Injection Vulnerabilities in Pixelpost 1.7.3 Admin Panel

CVE-2011-1100 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) selectfmon, or (5) selectftag parameter in an images action.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.