CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2005-0377

Malware in sbrugna...

7.5CVSS6.4AI score0.0214EPSS

Exploits1References7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2005-0378

Malware in sbrugna...

7.5CVSS6.4AI score0.00963EPSS

Exploits1References8

OpenVAS•added 2005/11/03 12:0 a.m.•18 views

SGallery idimage SQL Injection

The remote host is running SGallery, a module for PHP-Nuke. A critical SQL injection in the remote version of this module has been found, this vulnerability allows a remote attacker via the SPDX-FileCopyrightText: 2005 Noam Rathaus Some text descriptions might be excerpted from a referenced...

7.5CVSS7.8AI score0.00963EPSS

Exploits1References1

NVD•added 2005/05/02 4:0 a.m.•9 views

CVE-2005-0375

imageview.php in SGallery 1.01 allows remote attackers to obtain sensitive information via an HTTP request with 1 idalbum and 2 idimage unset, which reveals the installation path in an error message for the sqlfetchrow function...

5CVSS6.3AI score0.0057EPSS

Exploits1References5

NVD•added 2005/05/02 4:0 a.m.•7 views

CVE-2005-0377

SQL injection vulnerability in imageview.php for SGallery 1.01 allows remote attackers to execute arbitrary SQL commands via the 1 idalbum or 2 idimage parameters...

7.5CVSS8.4AI score0.00963EPSS

Exploits1References7

Cvelist•added 2005/02/13 5:0 a.m.•14 views

CVE-2005-0375

6.3AI score0.0057EPSS

Exploits1References5

CVE•added 2005/02/13 5:0 a.m.•52 views

CVE-2005-0376

The CVE-2005-0376 entry describes a PHP remote file inclusion in SGallery 1.01 where an attacker can modify DOCUMENT_ROOT to reference a URL on a remote server and execute arbitrary PHP code in the files (config.php or sql_layer.php). Root cause: improper validation of DOCUMENT_ROOT enabling remo...

7.5CVSS7.9AI score0.0214EPSS

Exploits1References6Affected Software1

CVE•added 2005/02/13 5:0 a.m.•44 views

CVE-2005-0377

The CVE describes an SQL injection in SGallery 1.01 (imageview.php) that can be triggered via the idalbum or idimage parameters, allowing remote execution of arbitrary SQL commands. CVSS v2 base score 7.5 ( HIGH ) with network attack vector and low attack complexity; impacts on confidentiality, i...

7.5CVSS8.4AI score0.00963EPSS

Exploits1References7Affected Software1

Cvelist•added 2005/02/13 5:0 a.m.•12 views

CVE-2005-0376

PHP remote file inclusion vulnerability in SGallery 1.01 allows local and possibly remote attackers to execute arbitrary PHP code by modifying the DOCUMENTROOT parameter to reference a URL on a remote web server that contains 1 config.php or 2 sqllayer.php...

7.5AI score0.0214EPSS

Exploits1References6

Cvelist•added 2005/02/13 5:0 a.m.•14 views

CVE-2005-0377

SQL injection vulnerability in imageview.php for SGallery 1.01 allows remote attackers to execute arbitrary SQL commands via the 1 idalbum or 2 idimage parameters...

8.4AI score0.00963EPSS

Exploits1References7

CVE•added 2005/02/13 5:0 a.m.•36 views

CVE-2005-0375

CVE-2005-0375 affects SGallery 1.01 via imageview.php. When (1) idalbum or (2) idimage is unset, an error in sql_fetch_row reveals the installation path, exposing sensitive information. This is a partial confidentiality impact described by the NVD score (base 5.0). The connected records confirm t...

5CVSS6.7AI score0.0057EPSS

Exploits1References5Affected Software1

Packet Storm•added 2005/01/15 12:0 a.m.•41 views

waraxe-2005-SA039.txt

================================================================================ waraxe-2005-SA039 ================================================================================ Critical Sql Injection in Sgallery module for PhpNuke...

7.4AI score

Exploits0