Vulnerability Details CVE-2008-1349
SQL injection vulnerability in viewcat.php in the bamaGalerie (Bama Galerie) 3.03 and 3.041 module for eXV2 2.0.6 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://packetstormsecurity.org/0804-exploits/runcms11a-sql.txt
- http://secunia.com/advisories/29359
- http://secunia.com/advisories/29362
- http://www.securityfocus.com/bid/28229
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41188
- https://www.exploit-db.com/exploits/5244
- https://www.exploit-db.com/exploits/5340
- http://packetstormsecurity.org/0804-exploits/runcms11a-sql.txt
- http://secunia.com/advisories/29359
- http://secunia.com/advisories/29362
- http://www.securityfocus.com/bid/28229
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41188
- https://www.exploit-db.com/exploits/5244
- https://www.exploit-db.com/exploits/5340
Products affected by CVE-2008-1349
-
cpe:2.3:a:exv2:bamagalerie:3.03
-
cpe:2.3:a:exv2:bamagalerie:3.041
-
cpe:2.3:a:exv2:exv2:2.0.6