Filtered by vendor Maxdev Subscriptions
Filtered by product My Egallery Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-0728 2 Maxdev, Postnuke 3 Md-pro, My Egallery, Postnuke 2024-11-21 N/A
SQL injection vulnerability in the My_eGallery module for MAXdev MDPro (MD-Pro) and Postnuke allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php.
CVE-2008-7038 2 Maxdev, Phpnuke 2 My Egallery, Php-nuke 2024-11-21 N/A
SQL injection vulnerability in the My_eGallery module for PHP-Nuke allows remote attackers to execute arbitrary SQL commands via the gid parameter in a showgall action to modules.php. NOTE: this issue was disclosed by an unreliable researcher, so the details might be incorrect.