Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1415

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-1415
Last Modified 05 Sep 2008 04:41:18
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1415

Summary

SQL injection vulnerability in (1) disp_album.php and possibly (2) disp_img.php in 2Bgal 2.4 and 2.5.1 allows remote attackers to execute arbitrary SQL commands via the id_album parameter.

Vulnerable Systems

Application

  • Ben3w 2bgal 2.4

  • Ben3w 2bgal 2.5.1


References

BID - 12083

XF - 2bgal-dispalbum-sql-injection(18645)

SECUNIA - 13620

BUGTRAQ - 20041222 2Bgal : 2.4 & 2.5.1 SQL injection Vulnerability


Last Updated: 27 May 2016 10:39:01