CVE-2008-1349 | HackTesting

SQL injection vulnerability in viewcat.php in the bamaGalerie (Bama Galerie) 3.03 and 3.041 module for eXV2 2.0.6 allows remote attackers to execute arbitrary SQL commands via the cid parameter.

References

http://www.securityfocus.com/bid/28229

http://secunia.com/advisories/29359

https://exchange.xforce.ibmcloud.com/vulnerabilities/41188

https://www.exploit-db.com/exploits/5244

http://packetstormsecurity.org/0804-exploits/runcms11a-sql.txt

https://www.exploit-db.com/exploits/5340

http://secunia.com/advisories/29362