CVE-2005-1948

Loading...

General

Score:7.5/10.0
Severity:High
Category:N/A
Exploit:Available

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 09/06/05 - Updated on 18/10/16

Description

Multiple SQL injection vulnerabilities in Invision Gallery before 1.3.1 allow remote attackers to execute arbitrary SQL commands via (1) the comment parameter in an editcomment action or (2) the rating parameter when voting on a photo.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2005-1948

Exploits

Exploit-DBEDB-25806
SecurityFocusBID-13907

Relative technologies

VendorProduct
invision_power_servicesinvision_gallery

Share this vulnerability with:

Twitter Facebook LinkedIn Mail