UBUNTU-CVE-2014-9235
- Source
- https://ubuntu.com/security/CVE-2014-9235
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-9235.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2014-9235
- Upstream
- Published
- 2014-12-03T21:59:00Z
- Modified
- 2025-07-14T07:14:43.915232Z
- Severity
-
- Ubuntu - medium
- Summary
- [none]
- Details
-
Multiple SQL injection vulnerabilities in Zoph (aka Zoph Organizes Photos) 0.9.1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) action parameter to group.php or (2) user.php or the (3) locationid parameter to photos.php in php/.
- References
Affected packages
Ubuntu:Pro:18.04:LTS / zoph
Package
- Name
- zoph
- Purl
- pkg:deb/ubuntu/zoph@0.9.4-4?arch=source&distro=esm-apps/bionic
Ubuntu:Pro:20.04:LTS / zoph
Package
- Name
- zoph
- Purl
- pkg:deb/ubuntu/zoph@0.9.11-2?arch=source&distro=esm-apps/focal
Ubuntu:22.04:LTS / zoph
Package
- Name
- zoph
- Purl
- pkg:deb/ubuntu/zoph@0.9.19-1?arch=source&distro=jammy
Ubuntu:24.04:LTS / zoph
Package
- Name
- zoph
- Purl
- pkg:deb/ubuntu/zoph@1.0.1-4?arch=source&distro=noble