2007-01-17 00:00:00
mitre
PUBLISHED
SQL injection vulnerability in displaypic.asp in Xtreme ASP Photo Gallery allows remote attackers to inject arbitrary SQL commands via the sortorder parameter.