← back
CVE-2005-4244

CVE-2005-4244

EPSS 2.6%
SQL injection vulnerability in Snipe Gallery 3.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) gallery_id parameter to view.php and (2) image_id parameter to image.php.
Affected products
n/a · n/a
public PoCs found2
exploitdbwww.exploit-db.com/exploits/26800unverifiedexploitdbwww.exploit-db.com/exploits/26799unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://pridels0.blogspot.com/2005/12/snipe-gallery-sqlxss-vuln.htmlhttp://secunia.com/advisories/18022http://www.osvdb.org/21693http://www.osvdb.org/21694http://www.securityfocus.com/bid/15844http://www.vupen.com/english/advisories/2005/2882