CVE-2007-1469
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2007-1469
Status
Candidate
Description
SQL injection vulnerability in gallery.asp in Absolute Image Gallery 2.0 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action.
Severity
Medium
CVSS score
5,6
CVSS vector
(AV:R/AC:H/Au:NR/C:P/I:P/A:P/B:N)
Phase
Assigned (16.03.2007)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1469
References
BID :
22988
BUGTRAQ :
20070315 Absolute Image Gallery Gallery.ASP (categoryid) MSSQL Injection Exploit
FRSIRT :
ADV-2007-1002
OSVDB :
34239
SECUNIA :
24543
XF :
absolute-gallery-sql-injection(33005)
SecurityVulns:
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
