Vulnerability Details CVE-2005-0929
SQL injection vulnerability in PhotoPost PHP Pro 5.x may allow remote attackers to execute arbitrary SQL commands via (1) the sl parameter to showmembers.php or (2) the photo parameter to showphoto.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=111205342909640&w=2
- http://marc.info/?l=bugtraq&m=111213719017716&w=2
- http://secunia.com/advisories/14742
- http://securitytracker.com/id?1013581
- http://www.osvdb.org/15099
- http://www.osvdb.org/15100
- http://marc.info/?l=bugtraq&m=111205342909640&w=2
- http://marc.info/?l=bugtraq&m=111213719017716&w=2
- http://secunia.com/advisories/14742
- http://securitytracker.com/id?1013581
- http://www.osvdb.org/15099
- http://www.osvdb.org/15100
Products affected by CVE-2005-0929
-
cpe:2.3:a:photopost:photopost_php_pro:5.0_rc3