DEBIAN-CVE-2014-9235

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/DEBIAN-CVE-2014-9235

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2014-9235.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2014-9235

Upstream

CVE-2014-9235

Published

2014-12-03T21:59:05Z

Modified

2025-09-18T05:19:38Z

Summary

[none]

Details

Multiple SQL injection vulnerabilities in Zoph (aka Zoph Organizes Photos) 0.9.1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) action parameter to group.php or (2) user.php or the (3) locationid parameter to photos.php in php/.

References

https://security-tracker.debian.org/tracker/CVE-2014-9235

Affected packages

Debian:11 / zoph

Package

Name: zoph
Purl: pkg:deb/debian/zoph?arch=source

Affected ranges

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / zoph

Package

Name: zoph
Purl: pkg:deb/debian/zoph?arch=source

Affected ranges

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / zoph

Package

Name: zoph
Purl: pkg:deb/debian/zoph?arch=source

Affected ranges

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:14 / zoph

Package

Name: zoph
Purl: pkg:deb/debian/zoph?arch=source

Affected ranges

Ecosystem specific

{
    "urgency": "unimportant"
}