Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2007-0122
HistoryJan 09, 2007 - 2:28 a.m.

CVE-2007-0122

2007-01-0902:28:00
mitre
web.nvd.nist.gov
27
12
coppermine photo gallery
sql injection
remote authenticated administrators
cve-2007-0122
nvd

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

8.2

Confidence

Low

EPSS

0.006

Percentile

78.2%

JSON

Multiple SQL injection vulnerabilities in Coppermine Photo Gallery 1.4.10 and earlier allow remote authenticated administrators to execute arbitrary SQL commands via (1) the cat parameter to albmgr.php, and possibly (2) the gid parameter to usermgr.php; (3) the start parameter to db_ecard.php; and the albumid parameter to unspecified files, related to the (4) filename_to_title and (5) del_titles functions.

Affected configurations

Nvd
Node
copperminecoppermine_photo_galleryRange1.4.10
OR
copperminecoppermine_photo_galleryMatch1.0
OR
copperminecoppermine_photo_galleryMatch1.0_rc3
OR
copperminecoppermine_photo_galleryMatch1.1
OR
copperminecoppermine_photo_galleryMatch1.1_beta_2
OR
copperminecoppermine_photo_galleryMatch1.2
OR
copperminecoppermine_photo_galleryMatch1.2.1
OR
copperminecoppermine_photo_galleryMatch1.2.2_b
OR
copperminecoppermine_photo_galleryMatch1.2.2_b-nuke
OR
copperminecoppermine_photo_galleryMatch1.3
OR
copperminecoppermine_photo_galleryMatch1.3.2
OR
copperminecoppermine_photo_galleryMatch1.3.3
OR
copperminecoppermine_photo_galleryMatch1.3.4
OR
copperminecoppermine_photo_galleryMatch1.4.4
OR
copperminecoppermine_photo_galleryMatch1.4.9
VendorProductVersionCPE
copperminecoppermine_photo_gallery*cpe:2.3:a:coppermine:coppermine_photo_gallery:*:*:*:*:*:*:*:*
copperminecoppermine_photo_gallery1.0cpe:2.3:a:coppermine:coppermine_photo_gallery:1.0:*:*:*:*:*:*:*
copperminecoppermine_photo_gallery1.0_rc3cpe:2.3:a:coppermine:coppermine_photo_gallery:1.0_rc3:*:*:*:*:*:*:*
copperminecoppermine_photo_gallery1.1cpe:2.3:a:coppermine:coppermine_photo_gallery:1.1:*:*:*:*:*:*:*
copperminecoppermine_photo_gallery1.1_beta_2cpe:2.3:a:coppermine:coppermine_photo_gallery:1.1_beta_2:*:*:*:*:*:*:*
copperminecoppermine_photo_gallery1.2cpe:2.3:a:coppermine:coppermine_photo_gallery:1.2:*:*:*:*:*:*:*
copperminecoppermine_photo_gallery1.2.1cpe:2.3:a:coppermine:coppermine_photo_gallery:1.2.1:*:*:*:*:*:*:*
copperminecoppermine_photo_gallery1.2.2_bcpe:2.3:a:coppermine:coppermine_photo_gallery:1.2.2_b:*:*:*:*:*:*:*
copperminecoppermine_photo_gallery1.2.2_b-nukecpe:2.3:a:coppermine:coppermine_photo_gallery:1.2.2_b-nuke:*:*:*:*:*:*:*
copperminecoppermine_photo_gallery1.3cpe:2.3:a:coppermine:coppermine_photo_gallery:1.3:*:*:*:*:*:*:*
Rows per page:
1-10 of 151

Social References

More

Related

cvelist 1
exploitdb 1
prion 1
nvd 1
securityvulns 1
cvelist
cvelist
CVE-2007-0122
2007-01-09 02:00:00
exploitdb
exploitdb
Coppermine Photo Gallery 1.4.11 - SQL Injection
2007-01-05 00:00:00
prion
prion
Sql injection
2007-01-09 02:28:00
nvd
nvd
CVE-2007-0122
2007-01-09 02:28:00
securityvulns
securityvulns
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2007-01-06 00:00:00

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

8.2

Confidence

Low

EPSS

0.006

Percentile

78.2%

JSON
Related for CVE-2007-0122
cvelist1exploitdb1prion1nvd1securityvulns1