Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0256

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-0256
Last Modified 05 Sep 2008 05:34:36
Published 15 Jan 2008 03:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0256

Summary

Multiple SQL injection vulnerabilities in Matteo Binda ASP Photo Gallery 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) Imgbig.asp, (b) thumb.asp, and (c) thumbricerca.asp and the (2) ricerca parameter to (d) thumbricerca.asp.

Vulnerable Systems

Application

  • Matteo Binda Asp Photo Gallery 1.0


References

BID - 27262

MILW0RM - 4900

SECUNIA - 28447

XF - aspphotogallery-multiple-sql-injection(39646)


Last Updated: 27 May 2016 10:46:44