Vulnerabilities > CVE-2005-3920 - SQL Injection vulnerability in Babe Logger Babe Logger 2

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
babe-logger
exploit available

Summary

SQL injection vulnerability in Babe Logger 2 allows remote attackers to execute arbitrary SQL commands via the (1) gal parameter to index.php or (2) id parameter to comments.php.

Vulnerable Configurations

Part Description Count
Application
Babe_Logger
1

Exploit-Db

  • descriptionBabe Logger V2 comments.php id Parameter SQL Injection. CVE-2005-3920 . Webapps exploit for php platform
    idEDB-ID:26606
    last seen2016-02-03
    modified2005-11-28
    published2005-11-28
    reporterr0t
    sourcehttps://www.exploit-db.com/download/26606/
    titleBabe Logger 2.0 - comments.php id Parameter SQL Injection
  • descriptionBabe Logger V2 index.php gal Parameter SQL Injection. CVE-2005-3920. Webapps exploit for php platform
    idEDB-ID:26605
    last seen2016-02-03
    modified2005-11-28
    published2005-11-28
    reporterr0t
    sourcehttps://www.exploit-db.com/download/26605/
    titleBabe Logger 2.0 - index.php gal Parameter SQL Injection