Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1349

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-1349
Last Modified 18 Mar 2009 01:35:02
Published 17 Mar 2008 12:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1349

Summary

SQL injection vulnerability in viewcat.php in the bamaGalerie (Bama Galerie) 3.03 and 3.041 module for eXV2 2.0.6 allows remote attackers to execute arbitrary SQL commands via the cid parameter.

Vulnerable Systems

Application

  • Exv2 2.0.6

  • Exv2 Bamagalerie 3.03

  • Exv2 Bamagalerie 3.041


References

MILW0RM - 5340

MILW0RM - 5244

SECUNIA - 29362

SECUNIA - 29359

MISC - http://packetstormsecurity.org/0804-exploits/runcms11a-sql.txt

XF - bamagalerie-viewcat-sql-injection(41188)

BID - 28229


Last Updated: 27 May 2016 10:47:07