Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1114

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-1114
Last Modified 05 Sep 2008 04:48:14
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1114

Summary

Multiple SQL injection vulnerabilities in album_search.php in Photo Album 2.0.53 for phpBB allow remote attackers to execute arbitrary SQL commands via the (1) mode or (2) search parameters.

Vulnerable Systems

Application

  • Phpbb Group Phpbb 2.0.0

  • Phpbb Group Phpbb 2.0.1

  • Phpbb Group Phpbb 2.0.10

  • Phpbb Group Phpbb 2.0.11

  • Phpbb Group Phpbb 2.0.12

  • Phpbb Group Phpbb 2.0.13

  • Phpbb Group Phpbb 2.0.2

  • Phpbb Group Phpbb 2.0.3

  • Phpbb Group Phpbb 2.0.4

  • Phpbb Group Phpbb 2.0.5

  • Phpbb Group Phpbb 2.0.6

  • Phpbb Group Phpbb 2.0.6c

  • Phpbb Group Phpbb 2.0.6d

  • Phpbb Group Phpbb 2.0.7

  • Phpbb Group Phpbb 2.0.7a

  • Phpbb Group Phpbb 2.0.8

  • Phpbb Group Phpbb 2.0.8a

  • Phpbb Group Phpbb 2.0.9

  • Smartor Photo Album 2.0.53


References

XF - phpbb-multiple-modules-sql-injection(20086)

BID - 13155

MISC - http://www.digitalparadox.org/advisories/phpbbp.txt

BUGTRAQ - 20050413 Multiple Sql injection and XSS vulnerabilities in phpBB Plus and below and some of its modules

OSVDB - 15931


Last Updated: 27 May 2016 10:40:02