[VIM] PhotoPost PHP 4.6.5 (ecard.php) SQL Injection Vulnerability

rkeith rkeith at securityfocus.com
Tue Aug 3 12:52:29 CDT 2010

Thanks George.

We concur, and are retiring BID 41946 as a duplicate of 9557.


George A. Theall wrote:
> Exploit DB 14453 talks about two SQL injection vulnerabilities in an old
> version of PhotoPost, the second involving the 'photo' parameter to the
> 'showphoto.php' script. It looks like BID 41946 was created based on the
> same advisory.
> Isn't that issue the same as one reported by Digital Crab in 2004 and
> covered by CVE-2004-0239 / BID 9557?
> George

Rob Keith

More information about the VIM mailing list