Package: zoph Version: 0.6-2.1 Severity: grave Tags: security Justification: user security hole
A vulnerability has been found in zoph. From CVE-2007-3905: "SQL injection vulnerability in Zoph before 0.7.0.1 might allow remote attackers to execute arbitrary SQL commands via the _order parameter to (1) photos.php and (2) edit_photos.php." Please mention the CVE id in the changelog. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
