6.5
CVE-2007-0122
- EPSS 3.02%
- Veröffentlicht 09.01.2007 02:28:00
- Zuletzt bearbeitet 16.06.2026 22:34:57
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple SQL injection vulnerabilities in Coppermine Photo Gallery 1.4.10 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via (1) the cat parameter to albmgr.php, and possibly (2) the gid parameter to usermgr.php; (3) the start parameter to db_ecard.php; and the albumid parameter to unspecified files, related to the (4) filename_to_title and (5) del_titles functions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Coppermine ≫ Coppermine Photo Gallery Version <= 1.4.10
Coppermine ≫ Coppermine Photo Gallery Version1.0
Coppermine ≫ Coppermine Photo Gallery Version1.0_rc3
Coppermine ≫ Coppermine Photo Gallery Version1.1
Coppermine ≫ Coppermine Photo Gallery Version1.1_beta_2
Coppermine ≫ Coppermine Photo Gallery Version1.2
Coppermine ≫ Coppermine Photo Gallery Version1.2.1
Coppermine ≫ Coppermine Photo Gallery Version1.2.2_b
Coppermine ≫ Coppermine Photo Gallery Version1.2.2_b-nuke
Coppermine ≫ Coppermine Photo Gallery Version1.3
Coppermine ≫ Coppermine Photo Gallery Version1.3.2
Coppermine ≫ Coppermine Photo Gallery Version1.3.3
Coppermine ≫ Coppermine Photo Gallery Version1.3.4
Coppermine ≫ Coppermine Photo Gallery Version1.4.4
Coppermine ≫ Coppermine Photo Gallery Version1.4.9
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.02% | 0.857 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|
http://acid-root.new.fr/poc/19070104.txt
http://www.securityfocus.com/archive/1/456051/100/0/threaded
http://osvdb.org/35852
http://osvdb.org/35853
http://osvdb.org/35854
http://osvdb.org/35855
http://osvdb.org/35856
http://secunia.com/advisories/25846
http://securityreason.com/securityalert/2123
http://www.securityfocus.com/bid/21894
https://www.exploit-db.com/exploits/3085