cpe:/a:yamamah:yamamah:1.00 CVE-2010-2335 2010-06-18T16:30:01.423-04:00 2010-06-24T00:00:00.000-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2010-06-21T14:23:00.000-04:00 EXPLOIT-DB 13845 MISC http://www.yamamah.org/home/?page=39 SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to execute arbitrary SQL commands via the news parameter.