MidnightBSD

Advisories for yabsoft

CVE-2012-6039 HIGH

SQL injection vulnerability in view_comments.php in YABSoft Advanced Image Hosting (AIH) Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
yabsoft advanced_image_hosting_script 2.3
yabsoft advanced_image_hosting_script -