-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 for CVE entries etc etc http://www.photopost.com/forum/showthread.php?t=134910 http://www.photopost.com/forum/showthread.php?p=1213648 http://heapoverflow.com/f0rums/security-discussions/2850-photopost-vbgallery-2-4-1-sql-injection-vulnerability.html#post3535
It's unclear what type of bug is it about, they are refering to an apache bug but since all hacks used to access the database it could be a SQL injection. This is critical bug. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) iD8DBQFHh2DudS4H/t4eKFARAhmhAKDBsI9pceyHE27k98GLbNLlraKb/wCgogGH mxwZiW0ZK83j9DSiX9V/qk4= =JPhP -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
