CVE-2008-1840
Published Apr 16, 2008
Last updated a year ago
Overview
- Description
- SQL injection vulnerability in upload.php in Coppermine Photo Gallery (CPG) 1.4.16 and earlier allows remote authenticated users or user-assisted remote HTTP servers to execute arbitrary SQL commands via the Content-Type HTTP response header provided by the HTTP server that is used for an upload.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-89
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:coppermine:coppermine_photo_gallery:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0E0C60B-44DD-4E37-A337-FA887D88346A",
"versionEndIncluding": "1.4.16"
},
{
"criteria": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "183F2FD0-A6D4-4F86-98D7-FC7D22443654"
},
{
"criteria": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "45C95857-2002-46F1-88AC-CC34F0B943D1"
},
{
"criteria": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EAA317DD-C804-4349-9BDC-B23FAE493516"
},
{
"criteria": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3DFCDB9A-E808-4EC2-A377-CF17C0B6AFF5"
},
{
"criteria": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D3BB681-16F8-441F-912C-9488791A6420"
},
{
"criteria": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "709BC7EC-6EAB-4880-B210-F6E154FF7CB7"
},
{
"criteria": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A5C614B6-4BC6-4F77-8D4E-9EBDC69B396C"
},
{
"criteria": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AC4E2E91-3BDD-4308-A7FB-6C0EB6F3E115"
},
{
"criteria": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "492C36B4-FB91-4B29-A3B6-0BFF3EF01A87"
},
{
"criteria": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D7A89B92-8323-4240-80CE-102070202A09"
},
{
"criteria": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1BCC40D-EF9C-4843-9183-EA725C9C03FA"
},
{
"criteria": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F0D02234-2729-499B-A686-F1F85401FEDF"
},
{
"criteria": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E21C42CB-86B1-4EC1-A508-809316F83CC0"
},
{
"criteria": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6626384-FA55-4B87-801B-554B9E7EC1F2"
},
{
"criteria": "cpe:2.3:a:coppermine:coppermine_photo_gallery:1.4.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84687B6F-B1A1-4CE0-A199-40CAF3D293C5"
}
],
"operator": "OR"
}
]
}
]