FKIE_CVE-2005-4228

Vulnerability from fkie_nvd - Published: 2005-12-14 11:03 - Updated: 2025-04-03 01:03
Severity ?
Summary
Multiple SQL injection vulnerabilities in PhpWebGallery 1.5.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) since, (2) sort_by, and (3) items_number parameters to comments.php, (4) the search parameter to category.php, and (5) image_id parameter to picture.php. NOTE: it was later reported that the comments.php/sort_by vector also affects 1.7.2 and earlier.
References
cve@mitre.orghttp://pridels0.blogspot.com/2005/12/phpwebgallery-multiple-sql-inj.html
cve@mitre.orghttp://secunia.com/advisories/18019Vendor Advisory
cve@mitre.orghttp://www.osvdb.org/21689
cve@mitre.orghttp://www.osvdb.org/21690
cve@mitre.orghttp://www.osvdb.org/21691
cve@mitre.orghttp://www.securityfocus.com/bid/15837Exploit
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2881
af854a3a-2127-422b-91ae-364da2661108http://pridels0.blogspot.com/2005/12/phpwebgallery-multiple-sql-inj.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18019Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/21689
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/21690
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/21691
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/15837Exploit
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2881
Impacted products
Vendor Product Version
phpwebgallery phpwebgallery *
phpwebgallery phpwebgallery 1.0
phpwebgallery phpwebgallery 1.1
phpwebgallery phpwebgallery 1.2.1
phpwebgallery phpwebgallery 1.3.0
phpwebgallery phpwebgallery 1.3.1
phpwebgallery phpwebgallery 1.3.2
phpwebgallery phpwebgallery 1.3.3
phpwebgallery phpwebgallery 1.3.4
phpwebgallery phpwebgallery 1.4.0
phpwebgallery phpwebgallery 1.4.1
phpwebgallery phpwebgallery 1.5.0
phpwebgallery phpwebgallery 1.5.1
phpwebgallery phpwebgallery 1.5.2
phpwebgallery phpwebgallery 1.6
phpwebgallery phpwebgallery 1.6.0
phpwebgallery phpwebgallery 1.6.1
phpwebgallery phpwebgallery 1.6.2
phpwebgallery phpwebgallery 1.7.0
phpwebgallery phpwebgallery 1.7.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B662306-A004-463F-BDA9-D52F5E47F380",
              "versionEndIncluding": "1.7.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F0EE492-82CC-4B8D-A4C2-C03D90E3512C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12A62835-F153-476A-8F73-D190E249C60F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "18716F33-C917-477A-8B02-8F3E03BADD21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "11243C68-0FEC-4C4B-B33A-CA393F6DCBA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCF0BF8D-0EBE-47E8-BF92-249308692253",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9DC36B6-9AFA-4A90-ACBB-7BB25C27CBE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C904823-1291-4883-950E-089443E1306F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2847007A-5F0B-457E-9D56-1570B59B1589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "340CE351-800F-4670-A4FF-2B56644B6DC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B0A25DD-835C-43FF-A040-90B59B5C8D97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E410A77F-8520-4011-A1CA-03B0A466CF11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "029740C0-CC4B-412A-AD11-8B1D7ED66996",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B249FD5-B164-41F3-970E-8701C8C469CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "52A75BEC-B94C-403A-92B6-36C4C6E49D65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "261EA07E-62B1-45DF-A21B-3F63B0E528FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B90E5405-7F62-4696-BC32-E0133A3E9652",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "645D12DC-EBCE-4CAE-8B62-143B66AD1815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC5256C5-8612-4961-B813-D560D59E59EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:phpwebgallery:phpwebgallery:1.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "874E8A29-1530-4744-A466-05AC7E543EC5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple SQL injection vulnerabilities in PhpWebGallery 1.5.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) since, (2) sort_by, and (3) items_number parameters to comments.php, (4) the search parameter to category.php, and (5) image_id parameter to picture.php.  NOTE: it was later reported that the comments.php/sort_by vector also affects 1.7.2 and earlier."
    }
  ],
  "id": "CVE-2005-4228",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-14T11:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://pridels0.blogspot.com/2005/12/phpwebgallery-multiple-sql-inj.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18019"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/21689"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/21690"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/21691"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/15837"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2881"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://pridels0.blogspot.com/2005/12/phpwebgallery-multiple-sql-inj.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18019"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/21689"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/21690"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/21691"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/15837"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2881"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.