cpe:/a:zenphoto:zenphoto:1.2.5 CVE-2009-4566 2010-01-04T16:30:00.657-05:00 2017-08-16T21:31:38.947-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2010-01-05T11:43:00.000-05:00 SECUNIA 35863 OSVDB 55920 XF zenphoto-title-sql-injection(51799) SQL injection vulnerability in index.php in Zenphoto 1.2.5 allows remote attackers to execute arbitrary SQL commands via the title parameter in a news action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.