Lucene search

[email protected]CVE-2007-1469

HistoryMar 16, 2007 - 9:19 p.m.

CVE-2007-1469

2007-03-1621:19:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2007-1469

sql injection

absolute image gallery 2.0

remote attackers

arbitrary sql commands

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.3%

JSON

SQL injection vulnerability in gallery.asp in Absolute Image Gallery 2.0 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action.

Affected configurations

NVD

Node

xiglaabsolute_image_gallery_xeMatch2.0

CPENameOperatorVersion
xigla:absolute_image_gallery_xexigla absolute image gallery xeeq2.0

CPE	Name	Operator	Version
xigla:absolute_image_gallery_xe	xigla absolute image gallery xe	eq	2.0

References

secunia.com/advisories/24543

securityreason.com/securityalert/2429

www.osvdb.org/34239

www.securityfocus.com/archive/1/462971/100/0/threaded

www.securityfocus.com/bid/22988

www.vupen.com/english/advisories/2007/1002

exchange.xforce.ibmcloud.com/vulnerabilities/33005

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.3%

JSON

Related for CVE-2007-1469

cvelist1 securityvulns1 nvd1 prion1