6.5
CVE-2007-0122
- EPSS 1.78%
- Published 09.01.2007 02:28:00
- Last modified 09.04.2025 00:30:58
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Multiple SQL injection vulnerabilities in Coppermine Photo Gallery 1.4.10 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via (1) the cat parameter to albmgr.php, and possibly (2) the gid parameter to usermgr.php; (3) the start parameter to db_ecard.php; and the albumid parameter to unspecified files, related to the (4) filename_to_title and (5) del_titles functions.
Data is provided by the National Vulnerability Database (NVD)
Coppermine ≫ Coppermine Photo Gallery Version <= 1.4.10
Coppermine ≫ Coppermine Photo Gallery Version1.0
Coppermine ≫ Coppermine Photo Gallery Version1.0_rc3
Coppermine ≫ Coppermine Photo Gallery Version1.1
Coppermine ≫ Coppermine Photo Gallery Version1.1_beta_2
Coppermine ≫ Coppermine Photo Gallery Version1.2
Coppermine ≫ Coppermine Photo Gallery Version1.2.1
Coppermine ≫ Coppermine Photo Gallery Version1.2.2_b
Coppermine ≫ Coppermine Photo Gallery Version1.2.2_b-nuke
Coppermine ≫ Coppermine Photo Gallery Version1.3
Coppermine ≫ Coppermine Photo Gallery Version1.3.2
Coppermine ≫ Coppermine Photo Gallery Version1.3.3
Coppermine ≫ Coppermine Photo Gallery Version1.3.4
Coppermine ≫ Coppermine Photo Gallery Version1.4.4
Coppermine ≫ Coppermine Photo Gallery Version1.4.9
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.78% | 0.82 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|