Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2010-3207

Published: 03/09/2010 Updated: 17/08/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

SQL injection vulnerability in index.php in GaleriaSHQIP 1.0, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the album_id parameter. NOTE: some of these details are obtained from third party information.

Vulnerable Product Search on Vulmon Subscribe to Product

galeriashqip galeriashqip 1.0

Exploits

Exploit DB: GaleriaSHQIP 1.0 - SQL Injection
# Exploit Title: GaleriaSHQIP SQL Injection Vulnerability # Date: 28082010 # Author: Valentin # Category: webapps/0day # Version: v10 full [:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::] >> General Information Advisory/Exploit Title = GaleriaSHQIP SQL Injection Vulnerability Author = Valentin Hoebel Co ...

References

CWE-89http://packetstormsecurity.org/1008-exploits/galeriashqip-sql.txthttp://osvdb.org/67690http://www.exploit-db.com/exploits/14826http://www.xenuser.org/documents/security/galeriaSHQIP_sqli.txthttp://secunia.com/advisories/41113https://exchange.xforce.ibmcloud.com/vulnerabilities/61456https://nvd.nist.govhttps://www.exploit-db.com/exploits/14826/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802template injectionCVE-2024-0044code injectionCVE-2024-35474CVE-2024-27857CVE-2024-23251CVE-2024-23692physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook