Lucene search
MitreCVE-2005-4244HistoryDec 14, 2005 - 11:03 a.m.
CVE-2005-4244
2005-12-1411:03:00
CWE-89
mitre
web.nvd.nist.gov
27
cve-2005-4244
sql injection
snipe gallery 3.1.4
security vulnerability
remote code execution
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.002
Percentile
56.9%
SQL injection vulnerability in Snipe Gallery 3.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) gallery_id parameter to view.php and (2) image_id parameter to image.php.
Affected configurations
Node
snipegallerysnipe_galleryRange≤3.1.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| snipegallery | snipe_gallery | * | cpe:2.3:a:snipegallery:snipe_gallery:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2005-4244
2005-12-14 11:03:00
exploitdb
exploitdb
Snipe Gallery 3.1.4 - 'image.php?image_id' SQL Injection
2005-12-13 00:00:00
Snipe Gallery 3.1.4 - 'view.php?gallery_id' SQL Injection
2005-12-13 00:00:00
cvelist
cvelist
CVE-2005-4244
2005-12-14 11:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
Low
EPSS
0.002
Percentile
56.9%
Related for CVE-2005-4244