PT-2022-10780 · Unknown · Simple Image Gallery System
M4Sk0Ff
·
Published
2022-11-16
·
Updated
2022-11-17
·
CVE-2021-38819
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Simple Image Gallery System version 1.0
Description
A SQL injection issue exists in the application, specifically through the
id parameter on the album page.Recommendations
For Simple Image Gallery System version 1.0, avoid using the
id parameter in the album page until the issue is resolved. As a temporary workaround, consider restricting access to the album page to minimize the risk of exploitation.Exploit
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Simple Image Gallery System