CVE-2014-9235

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2014-9235

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2014-9235.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2014-9235

Related

UBUNTU-CVE-2014-9235

Published

2014-12-03T21:59:05Z

Modified

2025-01-08T03:28:35.997169Z

Summary

[none]

Details

Multiple SQL injection vulnerabilities in Zoph (aka Zoph Organizes Photos) 0.9.1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) action parameter to group.php or (2) user.php or the (3) locationid parameter to photos.php in php/.

References

Affected packages

Debian:11 / zoph

Package

Name: zoph
Purl: pkg:deb/debian/zoph?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.9.16-1

0.9.17-1

0.9.17-2

0.9.18-1

0.9.19-1

1.*

1.0.1-1

1.0.1-2

1.0.1-3

1.0.1-4

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / zoph

Package

Name: zoph
Purl: pkg:deb/debian/zoph?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.0.1-3

1.0.1-4

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / zoph

Package

Name: zoph
Purl: pkg:deb/debian/zoph?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.0.1-3

1.0.1-4

Ecosystem specific

{
    "urgency": "unimportant"
}