Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2501

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-2501
Last Modified 05 Sep 2008 05:40:28
Published 29 May 2008 07:32:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2501

Summary

Multiple SQL injection vulnerabilities in PHPhotoalbum 0.5 allow remote attackers to execute arbitrary SQL commands via the (1) album parameter to thumbnails.php and the (2) pid parameter to displayimage.php.

Vulnerable Systems

Application

  • Henning Stoverud Phphotoalbum 0.5


References

XF - phphotoalbum-multiple-sql-injection(42670)

MILW0RM - 5683

SECUNIA - 30407


Last Updated: 27 May 2016 10:47:53