Detections
Analytics

Singapore Gallery < 0.9.11 Multiple Vulnerabilities

medium Nessus Plugin ID 15987

Language:

Synopsis

The remote web server contains a PHP script that is affected by multiple vulnerabilities.

Description

Singapore is a PHP based photo gallery web application.

The remote version of this software is affected by multiple vulnerabilities that may allow an attacker to read arbitrary files on the remote host or to execute arbitrary PHP commands.

Solution

Upgrade to Singapore 0.9.11 or later.

See Also

https://seclists.org/bugtraq/2004/Dec/209

http://www.nessus.org/u?78dc82b5

Plugin Details

Severity: Medium

ID: 15987

File Name: singapore_flaws.nasl

Version: 1.19

Type: remote

Family: CGI abuses

Published: 12/16/2004

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Information

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Vulnerability Publication Date: 12/16/2004

Reference Information

CVE: CVE-2004-1407, CVE-2004-1408, CVE-2004-1409

BID: 11990