Zoph : Security Vulnerabilities, CVEs, Published In 2014 (Sql injection)
Multiple SQL injection vulnerabilities in Zoph (aka Zoph Organizes Photos) 0.9.1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) _action parameter to group.php or (2) user.php or the (3) location_id parameter to photos.php in php/.
Max CVSS
6.5
EPSS Score
0.09%
Published
2014-12-03
Updated
2014-12-05
1 vulnerabilities found