Lucene search

[email protected]CVE-2008-1840

HistoryApr 16, 2008 - 5:05 p.m.

CVE-2008-1840

2008-04-1617:05:00

CWE-89

[email protected]

web.nvd.nist.gov

cve

2008

1840

sql injection

coppermine photo gallery

nvd

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

58.7%

JSON

SQL injection vulnerability in upload.php in Coppermine Photo Gallery (CPG) 1.4.16 and earlier allows remote authenticated users or user-assisted remote HTTP servers to execute arbitrary SQL commands via the Content-Type HTTP response header provided by the HTTP server that is used for an upload.

Affected configurations

NVD

Node

copperminecoppermine_photo_galleryRange≤1.4.16

copperminecoppermine_photo_galleryMatch1.4

copperminecoppermine_photo_galleryMatch1.4.1

copperminecoppermine_photo_galleryMatch1.4.2

copperminecoppermine_photo_galleryMatch1.4.3

copperminecoppermine_photo_galleryMatch1.4.4

copperminecoppermine_photo_galleryMatch1.4.5

copperminecoppermine_photo_galleryMatch1.4.6

copperminecoppermine_photo_galleryMatch1.4.7

copperminecoppermine_photo_galleryMatch1.4.8

copperminecoppermine_photo_galleryMatch1.4.9

copperminecoppermine_photo_galleryMatch1.4.10

copperminecoppermine_photo_galleryMatch1.4.11

copperminecoppermine_photo_galleryMatch1.4.12

copperminecoppermine_photo_galleryMatch1.4.13

copperminecoppermine_photo_galleryMatch1.4.14

CPENameOperatorVersion
coppermine:coppermine_photo_gallerycoppermine coppermine photo galleryle1.4.16
coppermine:coppermine_photo_gallerycoppermine coppermine photo galleryeq1.4
coppermine:coppermine_photo_gallerycoppermine coppermine photo galleryeq1.4.1
coppermine:coppermine_photo_gallerycoppermine coppermine photo galleryeq1.4.2
coppermine:coppermine_photo_gallerycoppermine coppermine photo galleryeq1.4.3
coppermine:coppermine_photo_gallerycoppermine coppermine photo galleryeq1.4.4
coppermine:coppermine_photo_gallerycoppermine coppermine photo galleryeq1.4.5
coppermine:coppermine_photo_gallerycoppermine coppermine photo galleryeq1.4.6
coppermine:coppermine_photo_gallerycoppermine coppermine photo galleryeq1.4.7
coppermine:coppermine_photo_gallerycoppermine coppermine photo galleryeq1.4.8

CPE	Name	Operator	Version
coppermine:coppermine_photo_gallery	coppermine coppermine photo gallery	le	1.4.16
coppermine:coppermine_photo_gallery	coppermine coppermine photo gallery	eq	1.4
coppermine:coppermine_photo_gallery	coppermine coppermine photo gallery	eq	1.4.1
coppermine:coppermine_photo_gallery	coppermine coppermine photo gallery	eq	1.4.2
coppermine:coppermine_photo_gallery	coppermine coppermine photo gallery	eq	1.4.3
coppermine:coppermine_photo_gallery	coppermine coppermine photo gallery	eq	1.4.4
coppermine:coppermine_photo_gallery	coppermine coppermine photo gallery	eq	1.4.5
coppermine:coppermine_photo_gallery	coppermine coppermine photo gallery	eq	1.4.6
coppermine:coppermine_photo_gallery	coppermine coppermine photo gallery	eq	1.4.7
coppermine:coppermine_photo_gallery	coppermine coppermine photo gallery	eq	1.4.8

Rows per page:

1-10 of 161

References

forum.coppermine-gallery.net/index.php/topic%2C51787%2C0.html

secunia.com/advisories/29795

sourceforge.net/project/shownotes.php?group_id=89658&release_id=592069

www.osvdb.org/44345

www.securityfocus.com/bid/28766

exchange.xforce.ibmcloud.com/vulnerabilities/41784

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

58.7%

JSON

Related for CVE-2008-1840

cvelist2 prion2 nvd2 cve1