Vulnerability Description
SQL injection vulnerability in index.php in Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 allows remote attackers to execute arbitrary SQL commands via the photo_id parameter.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Terong | Advanced Web Photo Gallery | 1.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/29667Vendor Advisory
- http://www.securityfocus.com/bid/28626Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41665
- https://www.exploit-db.com/exploits/5364
- http://secunia.com/advisories/29667Vendor Advisory
- http://www.securityfocus.com/bid/28626Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41665
- https://www.exploit-db.com/exploits/5364
FAQ
What is CVE-2008-1875?
CVE-2008-1875 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in index.php in Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 allows remote attackers to execute arbitrary SQL commands via the photo_id parameter.
How severe is CVE-2008-1875?
CVE-2008-1875 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1875?
Check the references section above for vendor advisories and patch information. Affected products include: Terong Advanced Web Photo Gallery.