CVE-2007-3905
EPSS 0.78%zoph - SQL injection
Published: 7/19/2007Modified: 4/28/2026
Description
SQL injection vulnerability in Zoph before 0.7.0.1 might allow remote attackers to execute arbitrary SQL commands via the _order parameter to (1) photos.php and (2) edit_photos.php.
Affected packages (3)
- Debian/zophfrom 0, < 0.7.0.2-1
- Debian/zophfrom 0, < 0.6-2.1etch1
- Debian/zophfrom 0, < 0.3.3-12sarge3