Lucene search

[email protected]CVE-2005-0377

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0377

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

cve-2005-0377

sql injection

sgallery 1.01

remote attack

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON

SQL injection vulnerability in imageview.php for SGallery 1.01 allows remote attackers to execute arbitrary SQL commands via the (1) idalbum or (2) idimage parameters.

Affected configurations

NVD

Node

sergey_kiselevsgalleryMatch1.01

CPENameOperatorVersion
sergey_kiselev:sgallerysergey kiselev sgalleryeq1.01

CPE	Name	Operator	Version
sergey_kiselev:sgallery	sergey kiselev sgallery	eq	1.01

References

lists.grok.org.uk/pipermail/full-disclosure/2005-January/030844.html

marc.info/?l=bugtraq&m=110557050700947&w=2

secunia.com/advisories/13824

securitytracker.com/id?1012868

www.securityfocus.com/bid/12249

www.waraxe.us/advisory-39.html

exchange.xforce.ibmcloud.com/vulnerabilities/18876

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON

Related for CVE-2005-0377

openvas1 cvelist1 nvd1