CVE-2005-0929

critical

Description

SQL injection vulnerability in PhotoPost PHP Pro 5.x may allow remote attackers to execute arbitrary SQL commands via (1) the sl parameter to showmembers.php or (2) the photo parameter to showphoto.php.

References

http://www.osvdb.org/15100

http://www.osvdb.org/15099

http://securitytracker.com/id?1013581

http://secunia.com/advisories/14742

http://marc.info/?l=bugtraq&m=111213719017716&w=2

http://marc.info/?l=bugtraq&m=111205342909640&w=2

Details

Source: Mitre, NVD

Published: 2005-05-02

Updated: 2024-11-20

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics