Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6789


Vulnerability Score 5.1 5.1
CVE Id CVE-2008-6789
Last Modified 13 May 2009 01:25:44
Published 04 May 2009 03:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE



SQL injection vulnerability in MindDezign Photo Gallery 2.2 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action to the admin module in index.php, a different vector than CVE-2008-6788.

Vulnerable Systems


  • Minddezign Photo Gallery 2.2


XF - photogallery-username-sql-injection(50344)

XF - photogallery-id-username-sql-injection(46075)

MILW0RM - 6820

SECUNIA - 32358

Last Updated: 27 May 2016 10:49:20