Lucene search

[email protected]NVD:CVE-2008-0504

HistoryJan 31, 2008 - 8:00 p.m.

CVE-2008-0504

2008-01-3120:00:00

CWE-89

[email protected]

web.nvd.nist.gov

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.002

Percentile

64.6%

JSON

Multiple SQL injection vulnerabilities in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) albumid, (2) startpic, and (3) numpics parameters to util.php; and (4) cid_array parameter to reviewcom.php.

Affected configurations

NVD

Node

coppermine-gallerycoppermine_photo_galleryRange≤1.4.14

coppermine-gallerycoppermine_photo_galleryMatch1.0

coppermine-gallerycoppermine_photo_galleryMatch1.0rc3

coppermine-gallerycoppermine_photo_galleryMatch1.1

coppermine-gallerycoppermine_photo_galleryMatch1.1beta_2

coppermine-gallerycoppermine_photo_galleryMatch1.1.0

coppermine-gallerycoppermine_photo_galleryMatch1.2

coppermine-gallerycoppermine_photo_galleryMatch1.2.0

coppermine-gallerycoppermine_photo_galleryMatch1.2.0rc2

coppermine-gallerycoppermine_photo_galleryMatch1.2.1

coppermine-gallerycoppermine_photo_galleryMatch1.2.1b

coppermine-gallerycoppermine_photo_galleryMatch1.2.1b-nuke

coppermine-gallerycoppermine_photo_galleryMatch1.3.0

coppermine-gallerycoppermine_photo_galleryMatch1.3.1

coppermine-gallerycoppermine_photo_galleryMatch1.3.2

coppermine-gallerycoppermine_photo_galleryMatch1.3.3

coppermine-gallerycoppermine_photo_galleryMatch1.3.4

coppermine-gallerycoppermine_photo_galleryMatch1.3.5

coppermine-gallerycoppermine_photo_galleryMatch1.4

coppermine-gallerycoppermine_photo_galleryMatch1.4.0

coppermine-gallerycoppermine_photo_galleryMatch1.4.0alpha

coppermine-gallerycoppermine_photo_galleryMatch1.4.0beta

coppermine-gallerycoppermine_photo_galleryMatch1.4.1

coppermine-gallerycoppermine_photo_galleryMatch1.4.1beta

coppermine-gallerycoppermine_photo_galleryMatch1.4.10

coppermine-gallerycoppermine_photo_galleryMatch1.4.11

coppermine-gallerycoppermine_photo_galleryMatch1.4.12

coppermine-gallerycoppermine_photo_galleryMatch1.4.13

References

coppermine-gallery.net/forum/index.php?topic=50103.0

secunia.com/advisories/28682

www.securityfocus.com/archive/1/487351/100/200/threaded

www.securityfocus.com/bid/27509

www.securitytracker.com/id?1019285

www.vupen.com/english/advisories/2008/0367

www.waraxe.us/advisory-66.html

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.002

Percentile

64.6%

JSON

Related for NVD:CVE-2008-0504

cve2 prion2 cvelist2 nvd1 freebsd1 openvas2 nessus1