Lucene search

[email protected]CVE-2008-1162

HistoryMar 05, 2008 - 11:44 p.m.

CVE-2008-1162

2008-03-0523:44:00

CWE-89

[email protected]

web.nvd.nist.gov

security

php

sql injection

vulnerability

web script

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

35.1%

JSON

SQL injection vulnerability in album.php in PHP WEB SCRIPT Dynamic Photo Gallery 1.02 allows remote attackers to execute arbitrary SQL commands via the albumID parameter.

Affected configurations

NVD

Node

php_web_scriptsdynamic_photo_galleryMatch1.0.2

CPENameOperatorVersion
php_web_scripts:dynamic_photo_galleryphp web scripts dynamic photo galleryeq1.0.2

CPE	Name	Operator	Version
php_web_scripts:dynamic_photo_gallery	php web scripts dynamic photo gallery	eq	1.0.2

References

forum.aria-security.net/showthread.php?p=1521

secunia.com/advisories/29212

www.securityfocus.com/archive/1/489017/100/0/threaded

www.securityfocus.com/bid/28067

www.exploit-db.com/exploits/5211

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

35.1%

JSON

Related for CVE-2008-1162

cvelist1 nvd1 prion1