Vulnerability Description
SQL injection vulnerability in PhotoPost PHP Pro 5.x may allow remote attackers to execute arbitrary SQL commands via (1) the sl parameter to showmembers.php or (2) the photo parameter to showphoto.php.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Photopost | Photopost Php Pro | 5.0_rc3 |
References
- http://marc.info/?l=bugtraq&m=111205342909640&w=2
- http://marc.info/?l=bugtraq&m=111213719017716&w=2
- http://secunia.com/advisories/14742
- http://securitytracker.com/id?1013581
- http://www.osvdb.org/15099
- http://www.osvdb.org/15100
- http://marc.info/?l=bugtraq&m=111205342909640&w=2
- http://marc.info/?l=bugtraq&m=111213719017716&w=2
- http://secunia.com/advisories/14742
- http://securitytracker.com/id?1013581
- http://www.osvdb.org/15099
- http://www.osvdb.org/15100
FAQ
What is CVE-2005-0929?
CVE-2005-0929 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in PhotoPost PHP Pro 5.x may allow remote attackers to execute arbitrary SQL commands via (1) the sl parameter to showmembers.php or (2) the photo parameter to showphoto.ph...
How severe is CVE-2005-0929?
CVE-2005-0929 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0929?
Check the references section above for vendor advisories and patch information. Affected products include: Photopost Photopost Php Pro.