Lucene search

[email protected]CVE-2004-0239

HistoryNov 23, 2004 - 5:00 a.m.

CVE-2004-0239

2004-11-2305:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-0239

sql injection

photopost php pro

security vulnerability

unauthorized access

8.3 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

71.8%

JSON

SQL injection vulnerability in showphoto.php in PhotoPost PHP Pro 4.6 and earlier allows remote attackers to gain unauthorized access via the photo variable.

CPENameOperatorVersion
photopost:photopost_php_prophotopost photopost php proeq4.0
photopost:photopost_php_prophotopost photopost php proeq3.1
photopost:photopost_php_prophotopost photopost php proeq4.1
photopost:photopost_php_prophotopost photopost php proeq3.3
photopost:photopost_php_prophotopost photopost php proeq4.6
photopost:photopost_php_prophotopost photopost php proeq3.2

CPE	Name	Operator	Version
photopost:photopost_php_pro	photopost photopost php pro	eq	4.0
photopost:photopost_php_pro	photopost photopost php pro	eq	3.1
photopost:photopost_php_pro	photopost photopost php pro	eq	4.1
photopost:photopost_php_pro	photopost photopost php pro	eq	3.3
photopost:photopost_php_pro	photopost photopost php pro	eq	4.6
photopost:photopost_php_pro	photopost photopost php pro	eq	3.2

References

marc.info/?l=bugtraq&m=107582512023998&w=2

www.securiteam.com/securitynews/5KP010UC0W.html

www.securityfocus.com/bid/9557

exchange.xforce.ibmcloud.com/vulnerabilities/15008

8.3 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

71.8%

JSON

Related for CVE-2004-0239

nessus1