6.5

CVE-2007-0122

Exploit

EPSS 1.78%
Veröffentlicht 09.01.2007 02:28:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Multiple SQL injection vulnerabilities in Coppermine Photo Gallery 1.4.10 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via (1) the cat parameter to albmgr.php, and possibly (2) the gid parameter to usermgr.php; (3) the start parameter to db_ecard.php; and the albumid parameter to unspecified files, related to the (4) filename_to_title and (5) del_titles functions.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 14

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Coppermine ≫ Coppermine Photo Gallery Version <= 1.4.10

Coppermine ≫ Coppermine Photo Gallery Version1.0

Coppermine ≫ Coppermine Photo Gallery Version1.0_rc3

Coppermine ≫ Coppermine Photo Gallery Version1.1

Coppermine ≫ Coppermine Photo Gallery Version1.1_beta_2

Coppermine ≫ Coppermine Photo Gallery Version1.2

Coppermine ≫ Coppermine Photo Gallery Version1.2.1

Coppermine ≫ Coppermine Photo Gallery Version1.2.2_b

Coppermine ≫ Coppermine Photo Gallery Version1.2.2_b-nuke

Coppermine ≫ Coppermine Photo Gallery Version1.3

Coppermine ≫ Coppermine Photo Gallery Version1.3.2

Coppermine ≫ Coppermine Photo Gallery Version1.3.3

Coppermine ≫ Coppermine Photo Gallery Version1.3.4

Coppermine ≫ Coppermine Photo Gallery Version1.4.4

Coppermine ≫ Coppermine Photo Gallery Version1.4.9

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.78%	0.82

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	8	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P

http://acid-root.new.fr/poc/19070104.txt

http://www.securityfocus.com/archive/1/456051/100/0/threaded

http://osvdb.org/35852

http://osvdb.org/35853

http://osvdb.org/35854

http://osvdb.org/35855

http://osvdb.org/35856

http://secunia.com/advisories/25846

http://securityreason.com/securityalert/2123

http://www.securityfocus.com/bid/21894

Exploit

https://www.exploit-db.com/exploits/3085

https://nvd.nist.gov/vuln/detail/CVE-2007-0122

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-0122

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-0122

EUVD