Ktools » Photostore » 3.1.1 : Security Vulnerabilities, CVEs,
SQL injection vulnerability in the mgr.login.php file in Ktools.net Photostore before 4.7.5 allows remote attackers to execute arbitrary SQL commands via the email parameter in a recover_login action.
Max CVSS
9.8
EPSS Score
0.19%
Published
2017-04-12
Updated
2017-04-19
SQL injection vulnerability in manager/image_details_editor.php in Ktools PhotoStore 2.5, 2.9.8, 3.1.0, and other versions through 3.5.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
Max CVSS
7.5
EPSS Score
0.20%
Published
2009-04-07
Updated
2017-09-29
2 vulnerabilities found