Vulnerabilities > CVE-2007-3065 - SQL Injection vulnerability in Particle Soft Particle Gallery 1.0.0/1.0.1

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
particle-soft
exploit available
NVD
Published: 2007-06-06
Updated: 2017-10-11

Summary

SQL injection vulnerability in viewimage.php in Particle Soft Particle Gallery 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the editcomment parameter, a different version and vector than CVE-2006-2862.

Vulnerable Configurations

Part Description Count
Application
Particle_Soft
2

Exploit-Db

descriptionParticle Gallery <= 1.0.1 Remote SQL Injection Exploit. CVE-2007-3065. Webapps exploit for php platform
fileexploits/php/webapps/4019.php
idEDB-ID:4019
last seen2016-01-31
modified2007-06-01
platformphp
port
published2007-06-01
reporterSilentz
sourcehttps://www.exploit-db.com/download/4019/
titleParticle Gallery <= 1.0.1 - Remote SQL Injection Exploit
typewebapps

References