Vulnerability Details CVE-2008-0504
Multiple SQL injection vulnerabilities in Coppermine Photo Gallery (CPG) before 1.4.15 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) albumid, (2) startpic, and (3) numpics parameters to util.php; and (4) cid_array parameter to reviewcom.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.9%
CVSS Severity
CVSS v2 Score 6.5
References
- http://coppermine-gallery.net/forum/index.php?topic=50103.0
- http://secunia.com/advisories/28682
- http://www.securityfocus.com/archive/1/487351/100/200/threaded
- http://www.securityfocus.com/bid/27509
- http://www.securitytracker.com/id?1019285
- http://www.vupen.com/english/advisories/2008/0367
- http://www.waraxe.us/advisory-66.html
- http://coppermine-gallery.net/forum/index.php?topic=50103.0
- http://secunia.com/advisories/28682
- http://www.securityfocus.com/archive/1/487351/100/200/threaded
- http://www.securityfocus.com/bid/27509
- http://www.securitytracker.com/id?1019285
- http://www.vupen.com/english/advisories/2008/0367
- http://www.waraxe.us/advisory-66.html
Products affected by CVE-2008-0504
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.0
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.1
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.1.0
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.2
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.2.0
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.2.1
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.3.0
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.3.1
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.3.2
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.3.3
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.3.4
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.3.5
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.0
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.1
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.10
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.11
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.12
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.13
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.14
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.2
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.3
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.4
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.5
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.6
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.7
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.8
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.4.9