Instant Photo Gallery多个SQL注入漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1109354 漏洞类型 SQL注入
发布时间 2005-11-30 更新时间 2005-11-30
CVE编号 CVE-2005-3986 CNNVD-ID CNNVD-200512-057
漏洞平台 PHP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/26686
https://www.securityfocus.com/bid/15659
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200512-057
|漏洞详情
InstantPhotoGallery1及之前版本存在多个SQL注入漏洞。远程攻击者可以通过(1)portfolio.php中的cat_id参数和(2)content.php中的cid参数,执行任意SQL指令。
|漏洞EXP
source: http://www.securityfocus.com/bid/15659/info
 
Instant Photo Gallery is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query.
 
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
 
Versions v1 and prior are reported to be vulnerable; other versions may also be affected. 

http://www.example.com/content.php?cid=[SQL]
|受影响的产品
Instant Photo Gallery Instant Photo Gallery 1.0
|参考资料

来源:XF
名称:instantphotogallery-multiple-sql-injection(23350)
链接:http://xforce.iss.net/xforce/xfdb/23350
来源:BID
名称:15659
链接:http://www.securityfocus.com/bid/15659
来源:OSVDB
名称:21335
链接:http://www.osvdb.org/21335
来源:OSVDB
名称:21334
链接:http://www.osvdb.org/21334
来源:VUPEN
名称:ADV-2005-2670
链接:http://www.frsirt.com/english/advisories/2005/2670
来源:SECUNIA
名称:17841
链接:http://secunia.com/advisories/17841
来源:MISC
链接:http://pridels0.blogspot.com/2005/11/instant-photo-gallery-sql-inj-vuln.html